ake78 (3D & photo) - Fotolia
The Melbourne centre is slated to open this quarter, joining Akamai’s Sydney scrubbing facility, which opened in 2016.
The most recent cyber threat report from the Australian Cyber Security Centre noted that the “scale and impact of DDoS activity has set new records for volume through both traditional approaches and by exploiting newer methods, such as co-opting IoT [internet of things] devices”.
The centre said DDoS attacks account for 5% of cyber disruptions in the private sector and 9% in the public sector.
Australia’s highest-profile DDoS remains the 1.5Gbps attack against the 2016 census, leading to the online census being taken offline for two days until the problem was fixed.
The Australian Bureau of Statistics has confirmed it did not adequately test and review the DDoS security of the census system – even though the attack was mild compared to others, such as the memcached attack that peaked at 1.3Tbps in February 2018, according to Akamai.
Fernando Serto, head of security, technology and strategy for Akamai in Sydney, said that although demand for scrubbing services is rising, they have addressed only a small portion of the market.
Leading banks are using such services, he said, but many others, particularly government departments, are not – even though they are undertaking major transformations and offering digital services that could be stalled by a successful DDoS attack.
A report released last month by Oracle and KPMG – admittedly focused on cloud security – suggests that Australian enterprises are now starting to automate cyber security. That report revealed that 66% of Australia companies had committed to security automation, significantly above the global figure of 49%.
Serto said Akamai works with a number of companies in Australia, including Tourism Australia, Qantas and Deakin University.
Read more about cyber security in Australia
- Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region.
- The cyber security consulting arm of Australian telco Optus is acquiring Hivint for A$23.3m in a bid to bolster its security pedigree.
- The Digital Transformation Agency has become the first government agency in Australia to test the use of Microsoft Office 365 in a secure cloud.
- Australia’s privacy watchdog has recorded over 800 cases of data breaches, nearly one year into the country’s mandatory data breach notification regime.
It offers three scrubbing service levels: in the first, a customer calls when it thinks it may be a DDoS target and asks Akamai to route traffic through the scrubbing centre; in the second, Akamai monitors traffic and calls the customer if it believes it needs to have traffic scrubbed; and in the third, more expensive service, internet traffic is always routed through the scrubbing centre.
According to Serto, the second service has tackled 10,000 DDoS attacks worldwide, with “65% of them mitigated in zero seconds”.
Rising demand for traffic scrubbing has seen Akamai increase the number of centres it operates, from seven in 2014 when it acquired Prolexic, the company that developed the technology, to 19 today.
Serto said demand in Australia meant it now made sense to run two centres. “When we started this, the only scrubbing centre in this region was in Hong Kong,” he said. “But when you are routing traffic to Hong Kong, you significantly increase the latency and the user experience is poor.”
Having two local scrubbing centres means Akamai can handle the growing demand and tackle latency issues, said Serto. He declined to say how much the company had invested in the new centre or how many people will be hired to man the 24-hour service.