Help From Above - Information Security Magazine - Page 1

Security managers are looking to the keepers of the Internet cloud for relief.

Antigua--home of sunsets, sand and online point spreads--has become ground zero for Internet gambling. These offshore gambling sites are also prime extortion targets for organized criminals who threaten distributed denial-of-service attacks if monthly "protection money" isn't paid up. It's a scene right out of gangster movies with a high-tech twist.

"We've been hosting some of these gaming sites, and they are literally being threatened by the mob," says Dr. Bill Hancock, former chief security officer at Savvis Communications, a Texas-based carrier and maintainer of an Internet backbone. "I've seen the e-mail messages. The gambling sites start off demanding $3,000 a month, then $30,000 a month. They may pay them off at first, but when it gets this expensive, there's no ROI. They turn to us asking, 'What can you do?'"

Security managers for these gambling sites aren't the only ones asking that question. Others are also looking for a little help from above--the Internet cloud and the keepers of the Internet backbone. Carriers are starting to offer in-the-cloud security services that take advantage of their inline position with network traffic and their ability to stop attacks before they reach the enterprise gateway.

"We own the networks and the pipe; it's simple," Hancock says.

Savvis, AT&T, MCI and Perimeter Internetworking sell DDoS, antispam and antiphishing

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

protection and other security services from the cloud. The majority of these services are in their infancy, with a few financial services organizations and SMBs among the early adopters in 2005. Carriers, meanwhile, continue to seek the right combination of technology to mitigate threats and add new services down the line--all the while managing a level of cooperation among competitors to keep incidents in check.

If carriers take hold of the ever-dissolving network edge and move enterprise DMZs into the cloud, companies will be able to retire hardware licenses and subscribe to services currently offered by managed security service providers at a fraction of the cost.

"All security functions will be forced into the cloud--DDoS, antivirus, firewalling. If we're right, it's a profound concept," says AT&T CISO Ed Amoroso. "We become an MSSP. We are taking what MSSPs do and meshing that with our own infrastructure so that the service provider and the carrier become one."

This was first published in January 2006