Employing cloud computing services could help organizations defend against the type of distributed denial of service attacks that have temporarily crippled the online service of major American banks, says NIST’s Matthew Scholl.
By using cloud computing services, Scholl says in an interview with Information Security Media Group, enterprises no longer are completely dependent on their own physical infrastructure because they can add processing capabilities from the cloud to keep up with DDoS attacks.
“You have an entire cloud infrastructure that you can spin up and provision to keep pace with the scale of the attack. And when the attack subsides, then you can drop an infrastructure back down again and just pay for that service that you needed when the attack occurs,” says Scholl, deputy chief of the National Institute of Standards and Technology’s computer security division. “We’ve seen use of cloud and the elasticity and the dynamic nature of cloud technology to be something that is kind of changing the economics of a DDoS attack.”
In the interview, Scholl explains:
- Why he believes the recent DDoS attacks against banks may not be as dire as they appear [see Bank Attacks: What Have We Learned?];
- How the migration to IPv6 could help organizations can defend against DDoS attacks;
- Types of guidance NIST offers that could help organizations develop plans to handle DDoS attacks.
Scholl says DDoS attacks won’t vanish anytime soon, but believes a government-industry partnerships could help diminish the impact of these digital assaults. “That’s going to be the solution to try to both enable us to defend against it on the organizational side and remove the capability of it at the threat side,” he says.