Monday, October 14, 2019

Organizations in Bahrain Face New IT Security Challenges

IPv6-Based DDoS Attacks, says Expert from A10 Networks

IPv6.  We’ve heard it’s been coming for years; but no, it’s not here yet.  However it’s “here” enough to be a security threat to every organization in Bahrain that has started their migration to IPv6.  With IPv6 adoption comes new security challenges.  Although only 25% of websites completely support IPv6 today, many more are supporting v6 in parts of their network, whether their operators know it or not.

Glen Ogden, Regional Sales Director, Middle East at A10 Networks says that IPv6 introduces not just another attack vector but an attack volume – one that encompasses a parallel universe of all DDoS attacks known today.  All attack vectors that originate in IPv4, be they volumetric or application attacks, can also occur in IPv6.

For the most part an IPv6 network is no more or less vulnerable to DDoS attacks than its IPv4 counterpart but the fact that any vulnerability in v4 can be exploited in v6 is frightening because of the sheer number of vectors and the fact that most security professionals don’t know everything running IPv6 in their network today.

IPv6-based DDoS attacks today are neither as prevalent nor as big as those happening over IPv4 but they are occurring with increasing frequency and sophistication.  As IPv6 comes to represent an increasingly bigger part of the network each year, so too will exposure to IPv6-based attacks.

Volumetric

Volumetric attacks are perpetrated by leagues of zombie computing devices collectively known as a botnet.  The power of DDoS volumetric attacks is proportional to the number of connected devices in the botnet.  More zombies equal more fire power to send out mal-intended DNS, NPT and CHARGEN messages.

Although only 6% of an organization’s website visitors use IPv6 today, it doesn’t mean only that percent will be affected.  Since it’s best practice for both protocols to share the same interface, i.e. are dual-stacked, flooding the IPv6 interface indiscriminately takes down all users, independent of the Internet Protocol they’re on.

As the number of connected devices grows, so too will IPv6.  By 2020 it is estimated that there will be 34 billion connected devices on the Internet.  Are networks ready for botnets version six?

To mitigate the v6 DDoS parallel attack, organizations should ensure that their DDoS mitigation solution has the same functionality in IPv6 and uses the same hardware for acceleration.

Application Layer

Attack vectors at layer 7 use specialized traffic designed to consume enough computational resources to overwhelm a system.  Far fewer attacks but more deadly.  As in the lower layers all vulnerabilities at the application layer over v4 are also vulnerable over v6.  Different protocol, same result.

Keeping Up

Most IPv6 attacks go unnoticed by the untrained eye.  Mitigation of DDoS attacks over the next generation protocol starts with training.  Security specialists need to know IPv6 well enough to recognize attacks and then mitigate them with the tools at hand.  And these tools must have feature and hardware parity in IPv4 and IPv6.  To mitigate the parallel volume of v6 DDoS attacks, it is imperative to go through the organization’s DDoS solution, line by line, feature by feature, to make sure it protects the network as well over IPv6.

“Whack a mole” is a never ending game in network security but in the case of next generation DDoS mitigation, being properly trained and ensuring that the organization has a fully IPv6-capable solution are the prerequisites to play.

MOST READ

Tender Board opens 36 bids for five tenders for four purchasing authorities

The Tender Board, the independent regulator of Bahrain Government procurement activities, today opened 36 bids related to five tenders for four purchasing authorities. Among these,...

Gulf Air Hosts Corporate Dinner for Travel Agents in Addis Ababa

Gulf Air, the national carrier of the Kingdom of Bahrain, has recently organized a corporate dinner for key travel agents in Addis Ababa, Ethiopia....

Ali’s Comeback to open in New York City

The final leg of the four city African Diaspora Film Festival will begin at Teacher's College at Columbia University on November 29, 2019. To...

BD187 Million of Exports of National Origins during August 2019

The Information & eGovernment Authority (iGA) issued its foreign trade report for August 2019 which encompasses data on the balance of trade, imports, exports...

Bahrain and Kerala sign MoU for cooperation in FinTech, ICT and IoT Start-ups

The Bahrain Economic Development Board (EDB), the investment promotion agency for the Kingdom of Bahrain, has signed a memorandum of understanding (MoU) with the...

Carrefour and The Conserving Bounties Society Sign Agreement to Help Reduce Food Waste

Carrefour, which is operated in Bahrain by Majid Al Futtaim, signed an agreement with The Conserving Bounties Society, the first specialized foodbank in the...

Stress Relief through Plough Pose

Stress is defined as ‘A state of emotional strain or tension resulting from adverse or demanding conditions.’ When we are in stress our nervous system...

UAE Exchange Opens New Branch in Ras Zuwayed

Customers can now simply walk-in and choose from a bouquet of financial services such as instant money transfer, real-time account credit facility, and foreign...

Google Maps now aids visually impaired people

Google Maps can now help visually impaired people get to their walking destinations more easily — by continually reminding them that they’re on the...

iGA Chief Executive Meets Huawei Bahrain CEO

Information & eGovernment Authority (iGA) Chief Executive Mohammed Ali AlQaed received Huawei Bahrain CEO, Jon Lu Yuedong at his office at iGA’s headquarters in...

Speed Cameras location service, New addition to the eTraffic app

Tired of getting caught on camera for speeding, unsure if you actually exceeded the road speed limit? Check out the new Speed Cameras location...

INJAZ Bahrain hosts the annual Schools and Universities Appreciation Day

Under the patronage of His Excellence Dr. Majid Bin Ali Al Nuaimi, Minister of Education, INJAZ Bahrain hosted the annual Schools and Universities Appreciation...

Bahrain Airport Company staff honoured with Productivity Improvement Practice Certificates

Twenty Bahrain Airport Company (BAC) team members were recognised with certificates for completing a Productivity Improvement Practice (PIP) programme aimed at enhancing efficiency in...

Cataract: In hindsight, all we need is a clear foresight

This World Sight Day on October 10th is an excellent occasion to look into  a few of the most prevalent reasons for vision impairment...

The Gulf Hotel Bahrain’s La Pergola awarded

The Gulf Hotel Bahrain’s La Pergola by Giancarlo Perbellini won first place for the “most memorable dinner" - Season 2018-2019 by the Chaîne des...