Question 4 - The Dire DDoS Realities - How Bad can it Get? (APRICOT 2022)
We often say “never let a DDoS Incident go waste.” How do you prepare for those time when a DDoS incident wake people up and opens “opportunities for improvement?” (See the APRICOT 2022 Site - https://2022.apricot.net) Today’s most common DDoS attacks are simple, brain dead, and effective. We live in a world where it is easy to craft a DDoS using simple reflectors. DDoS simplicity has consequences. Organizations craft their DDoS defenses to cater to what they see today. They are not exploring the possibilities. Possibilities from known DDoS techniques in the past. Feasible DDoS demonstrated, tested, but has yet to be actualized by the miscreants. This panel session walks through these possibilities of what could happen if a smart attacker would do just a little more homework. Each panelist will be asked a series of questions to explore “How bad can DDoS get.” The objective would be to have a tool for our peers to use to explain to decision-makers the potential risk and necessity for action. Panelists’ wisdom will help map out grave risks we’re facing and pointers to explore DDoS Resiliency Architectures to minimize the impact risk. All the speakers are here in their personal capacity as architects, engineers, and researchers who are passionate about building a safer, more secure Internet. * Richard Clayton - Highwayman Associates Ltd * Roland Dobbins - Arbor/NetScout * Krista Hickey - Telus * Alexander Lyamin - Qrator Labs * Damian Menscher - Google * Ivan Reutskiy - Vocus We thank everyone for participating in this "empowerment experiment." We hope that engineers, architects, sysadmins, leaders, and many others listen and reflect on the knowledge and wisdom provided by the speakers. Together, they provide decades of experience fighting DDoS and building Resilient systems.
We often say “never let a DDoS Incident go waste.” How do you prepare for those time when a DDoS incident wake people up and opens “opportunities for improvement?” (See the APRICOT 2022 Site - https://2022.apricot.net) Today’s most common DDoS attacks are simple, brain dead, and effective. We live in a world where it is easy to craft a DDoS using simple reflectors. DDoS simplicity has consequences. Organizations craft their DDoS defenses to cater to what they see today. They are not exploring the possibilities. Possibilities from known DDoS techniques in the past. Feasible DDoS demonstrated, tested, but has yet to be actualized by the miscreants. This panel session walks through these possibilities of what could happen if a smart attacker would do just a little more homework. Each panelist will be asked a series of questions to explore “How bad can DDoS get.” The objective would be to have a tool for our peers to use to explain to decision-makers the potential risk and necessity for action. Panelists’ wisdom will help map out grave risks we’re facing and pointers to explore DDoS Resiliency Architectures to minimize the impact risk. All the speakers are here in their personal capacity as architects, engineers, and researchers who are passionate about building a safer, more secure Internet. * Richard Clayton - Highwayman Associates Ltd * Roland Dobbins - Arbor/NetScout * Krista Hickey - Telus * Alexander Lyamin - Qrator Labs * Damian Menscher - Google * Ivan Reutskiy - Vocus We thank everyone for participating in this "empowerment experiment." We hope that engineers, architects, sysadmins, leaders, and many others listen and reflect on the knowledge and wisdom provided by the speakers. Together, they provide decades of experience fighting DDoS and building Resilient systems.