Latin America. Juan Pablo Fernández, Systems Engineer of the Government vertical in Fortinet Colombia, shared with VENTAS DE SEGURIDAD what is now a trend: governments upload all information to the cloud and manage different operations over the Internet in order to offer faster, more flexible and easily accessible services for citizens, with theoretically moderate operating costs. However, many of these cloud services today do not contemplate all the layers of security necessary to protect information assets.
This can have different impacts on public and private sector companies and on citizens, because in recent years cybersecurity and cyber defense have evolved so quickly that it has become difficult to predict where the next threat will occur or materialize and what impact it will have on different sectors, including the local economy.
According to IDC, in the third quarter of 2015, more than 222,000 attacks of different types occurred against technology infrastructure in Latin America. Among the most common are so-called distributed denial-of-service attacks, also known as DDoS attacks. This type of attack has gained importance worldwide because of its ease of execution and the immediate negative effects it causes. It consists of a group of compromised systems, also known as "zombie computers", that attack a single target to cause a denial of service to legitimate users.
A study published on the State of the Internet website worldwide reveals that in 2015 DDoS attacks increased by 132% compared to 2014 and that, of these, attacks focused on cloud infrastructure, or Layer 7 attacks, increased by 122% compared to 2014.
What motivates these attacks?
Clearly, the attacks seek to cause damage to different victims, whether individuals or businesses, for political or financial reasons, retaliation, etc. However, it is clear that the primary purpose is to damage the reputation of the entities targeted.
What are the characteristics of these attacks?
DDoS attacks are the #1 threat to data centers that provide cloud services. Their size is growing every day: 80% of attacks are more than 100 Gbps, and the most successful of these attacks have an average duration of 20 hours. It should be noted that this threat is also becoming more sophisticated every day, with variants such as XML-based or Layer 7 attacks focused on the cloud. Hackers often use this type of threat to mask intrusions.
What to do to prevent these attacks?
There are many solutions on the market focused on protecting against these threats. Among the most common are purpose-specific anti-DDoS devices, which thanks to their special type of hardware are able to stop these attacks and let only valid traffic through, protecting the entire infrastructure without affecting the architecture or addressing.
If government entities do not have a budget to implement a purpose-specific solution, they can, as a good practice, correctly configure the resources already allocated, such as web services, to meet the demand of users.
Taking into account the above, Latin American governments have been generating cybersecurity guidelines aimed at developing strategies, instructions and regulations to counteract the increase in computer threats on three fronts:
Cyber defense: Governments are focused on protecting the critical infrastructure of each country through different initiatives, among them strengthening the computer security infrastructure, ensuring the sovereignty of countries and creating computer incident response groups.
State cybersecurity: Governments generate important guidelines in terms of organization and standardization, as in the case of Colombia with its Government online program. This program guides the entities of the Colombian State in organizing themselves in terms of information security, computer security and the adoption of new technologies, such as IPv6, in order to make their infrastructure robust, secure and able to adapt to the demands of society.
Citizen cybersecurity: On this front, governments seek to raise awareness among citizens about the way they see their personal information, how they communicate and how they access the different computer services offered by public and private providers. The public strategy seeks to make the population understand the risks related to the use of social networks, which gives rise to social problems such as cyberbullying, information hijacking, sexting, etc.
It is important to emphasize that the Government's efforts to reduce the level of risk to which state entities, private companies, citizens and the country in general are exposed, through regulations, initiatives and awareness campaigns, are useless if it is not understood that plans without action remain on paper. This is where IT strategic plans focused on the consolidation of robust and scalable security architectures become relevant, allowing public and private entities to offer more efficient services.


