DHS Awards $1.7 Million Contract for DDoS Defense

The Department of Homeland Security (DHS) this week awarded a $1.7 million contract for beefing up Distributed Denial of Service (DDoS) attack defenses.

The award went to Galois, a company that has been using computer science and applied mathematics to solve technological problems since 1999. The company praises itself for having a world-class team of programmers and engineers and is already a partner in the defense and intelligence industries, helping companies build reliability, safety and security into their product development efforts.

The newly awarded contract is part of DHS S&T Cyber Security Division’s larger Distributed Denial of Service Defenses (DDoSD) program, the company says. Moreover, it explains that, as part of the contract, it will focus on reducing DDoS threats and provide organizations with the ability to detect and block DDoS attacks before they reach complete network saturation.

One of the aspects that Galois will be focused on is to reduce mitigation response time by 50 percent, which should result in an overall peak traffic reduction of 75 to 90 percent. Additionally, the company will work on reducing the time between the start of the attack and the detection of the attack, aiming at bringing it down by 25 percent.

Galois notes that its project, called DDoS Defense for a Community of Peers (3DCoP), involves a peer-to-peer collaboration mechanism that provides organizations with the possibility to work together to detect and mitigate DDoS attacks. The collaboration is highly important because DDoS attacks are targeted at all types of organizations, including financial institutions, news entities, universities, government agencies, and other critical infrastructure organizations.

DDoS attacks are capable of bringing even the largest organizations offline, while medium and small-sized businesses are often the most affected by such threats. During an attack, the amount of traffic generated can saturate Internet connections several times over, which usually makes it a challenge to find an Internet Service Provider (ISP) that can act quickly on the matter.

“Current DDoS defense systems are proving ineffective because they operate in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack. This delay is critical. It provides positive feedback to the attacker, who will continue to send more and more traffic at the target network. Our solution advances the state of DDoS defense by providing new tools that allow multiple defenders to coordinate their response, resulting in earlier detection and faster DDoS mitigation,” Adam Wick, Research Lead, Mobile Security & Systems Software, Galois, said.

DDoS attacks represented one of the biggest security threats last year, as cybercriminals managed to create DDoS bots capable of large scale attacks. One of them was revealed in September to be powered by Linux machines infected by the XOR DDoS Trojan and to be capable of launching 150+ gigabit-per-second (Gbps) DDoS attacks.

The end of 2015 brought a series of noteworthy DDoS attacks as well, such as the one launched against Linode, which prompted the company to reset users’ Linode Manager passwords. Details of 34,000 Steam users were exposed after the popular gaming platform was hit by a DDoS attack on Christmas day, while BBC’s services went down on New Year’s Eve after being targeted by the New World Hacking group in what was said to be a test of Bangstresser, a DDoS tool capable of 600 Gbps attacks.