Solutions Showcase: Using AMS CloudFront Service to filter out DDoS attacks.
The National Oceanic and Atmospheric Administration (NOAA) has the monumental task of forecasting weather and monitoring our oceanic and atmospheric conditions while also protecting marine mammals and endangered species in the U.S. With so much critical science going on, it’s imperative that employees can communicate and perform their work seamlessly, safe from cyber-attacks. One way they achieve this goal is by partnering with T and T Consulting Service, Inc. (T&T), a minority, women owned NITAAC CIO-SP3 Small Business Contract Holder. Leveraging T&T's expertise is one way NOAA fortifies its cybersecurity measures, enabling seamless communication and uninterrupted operations in the face of evolving cyber threats. Before we get into T&T’s implementation, let’s look at the entire cost of cyberattacks in 2022 – a whopping $6 trillion dollars according to the blog Tech Jury! That’s an average cost per breach of $3.80 million dollars. Alarmingly, projections indicate a further increase to $10.5 trillion annually by 2025. Globally, some 30,000 web sites are hacked daily, with federal agencies being the second highest target. That leaves federal sites like NOAA’s facing a high risk of cyber intrusions, necessitating robust protective measures. NOAA determined that managing organizational workflow safely and efficiently was critical to their staff, especially when they’re targeted by Distributed Denial of Service (DDoS) attacks – threats that occur when hackers use multiple systems to flood a particular server with irrelevant requests that slow down or block legitimate requests from genuine users. When this exact scenario occurred on one of NOAA’s major public-facing websites, their Web Operation Center (W-O-C) was quick to react, thanks to T&T. The team at T&T recommended and presented the NOAA W-O-C with implementation plans for AWS CloudFront service, which has AWS Shield cybersecurity built right in. In less than a week, the T&T team orchestrated the deployment of the AWS CloudFront Service within NOAA's W-O-C hosted environments. This solution examines each packet's origin source and detects potential DDoS attacks, ensuring that only legitimate requests reach their intended destinations at edge locations. Immediately upon implementation, this solution deployed, caught and filtered out two likely DDoS attacks. In addition, it helped reduce both cost and load on the origin server, optimizing performance. T&T not only met NOAA’s expectations, they surpassed them by swiftly resolving incidents, requests, and cutting backlogged incidents in half. “T&T has agile techniques in developing applications. We use agile techniques to show breakthroughs very quickly with just a small amount of capability. Using our continuous integration and continuous delivery pipelines, we implement innovative and agile software without compromising security.” Similar cybersecurity solutions can be easily acquired through the NITAAC CIO-SP3 Small Business IT Services and Solutions Government-Wide Acquisition Contract. NITAAC provides any federal agency, civilian or Department of Defense, with Best-in-Class Government-Wide Acquisition Contracts to meet virtually every IT need. To learn more, visit NITAAC.nih.gov or call us at 1.888.773.6542. Produced by NITAAC Voiceover - Victoria Henderson