John Pescatore

A member of the Gartner Blog Network

John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems… Read Full Bio

Coverage Areas:

Still in Denial About Denial of Service?

by John Pescatore  |  July 13, 2011  |  Submit a Comment

Thirty five years ago today I was working at my summer job at JFK airport in New York and all the lights went out – only the control towers were lit, a very eerie sight from a truck driving around the tarmac. This was the great Northeast blackout of 1977.

There have been a number of those over the years – 2003 was the last big one, I think. Now everyone tends to try to overhype cyber-threats as the cause of these outages, but generally they are environmental or operational failure driven.  Breathless reports always cite “hackers can take down the power grid any time they want” but for some reason they don’t but mother nature does.

Anyway, we learned by the mid 1980s that mainframes and servers without electricity were pretty much just big, expensive paperweights, so the Uninterruptible Power Supply/Battery Backup industry grew up. Here in the 2000’s we are finding that PCs and data centers without Internet connectivity are just big, expensive, electricity-consuming paperweights – when the Internet is down business comes to a crawl.

There have definitely been environmentally caused Internet outages, but in this case denial of service attacks are the leading cause. There are low scale attacks that anyone who can spell LOIC can launch and then there are large scale distributed attacks that take a bit more knowledge of botnets and the like, but DoS attacks are basically like thunderstorms on the Internet: hard to predict when they will hit, but they will and you can build a thunderstorm-proof Internet connection – just the way you can have thunderstorm proof power to your datacenter.

Basically, it is time to have DDoS protection considered as part of Business Continuity planning, just the way redundant Internet connections and backup datacenters are planned for and funded.

Submit a Comment »

Category: Uncategorized     Tags:

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment