On January 5, 2018, the US Secretary of Commerce and Secretary of Homeland Security submitted “A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem against Botnets and Other Automated, Distributed Threats.”
This draft report responds to the Trump administration’s May 11, 2017, Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.
If you care at all about the US federal government’s approach to DDoS protection, it’s worth reading this document. It’s impossible to sum up a 37-page report in a few paragraphs, but here are some of the most salient points:
- Past collaboration between industry and the federal government has yielded incremental progress, and improved resiliency will require improved coordination on policy and governance issues.
- “Effective tools exist, but are not widely used. The tools, processes, and practices required to significantly enhance the resilience of the Internet and communications ecosystem are widely available, if imperfect, and are routinely applied in selected market sectors. However, they are not part of common practices for product development and deployment in many other sectors for a variety of reasons, including (but not limited to) lack of awareness, cost avoidance, insufficient technical expertise, and lack of market incentives.”
- The vision for the future includes “shared best practices” across infrastructure (which would include not only hardware and software, but also hosting and Internet service providers).
- “An increasingly smart network can segment different types of traffic automatically, to isolate or mitigate applications or devices that are sources of attacks.”
- “Enterprises that understand the risks and implement these mechanisms are the exception. Many at-risk enterprises are unaware of the potential impacts of DDoS attacks on their operations. Such enterprises may not understand fully their ability to protect their networks and respond to an attack. For example, they may not understand the limitations of their contracts with Internet service providers, or the availability of products and services to mitigate DDoS attacks. They also may not understand fully the cost to recover from such an attack.”
- The vision for the future is one in which enterprises deploy secure devices and deploy or procure on- and off-premises DDoS mitigation services.