It was only months since the pandemic had started when Amazon Web Services (AWS) revealed that it fended off the largest DDoS attack in history. Distributed Denial of Service attacks are designed to overload servers or disrupt network services by overwhelming them with access requests until it crashes. While the previous DDoS record, set in 2018, was 1.7Tbps, the attack on AWS fired 2.3Tbps and it took almost three days for the company to finally neutralize the threat. However, AWS’ revelation created a butterfly effect across the industries and eventually became catalytic in terms of creating awareness about the sword of Damocles hanging over their heads and the need for automated defence mechanisms. It’s no wonder organizations prefer proven cybersecurity partners like AKS Information Technology Services Pvt. Ltd (an ISO 9001:2015 & 27001:2013 certified company). Based out of Noida, AKS was established as early as 2006 and boasts a customer ecosystem of more than 8500 companies. AKS is also home to the award-winning, patented anti-DDoS solution – HaltDos.
One of the most reputed CERT-In empaneled agencies in the country, AKS provides a wide range of IT Security Services encrusting Auditing, Compliance, Forensic Investigations & Training, backed up by a team of 100+ professionals, most having certifications such as CISSP, CISA, ISO 27001, MBCI, CCNA, CEH, & RHCE. The company is also an authorized reseller of security products & equipment. I recently got to talking with the company’s director, Anshul Saxena, and was able to involve him in an exclusive interview.
In conversation with Anshul Saxena, CEO, AKS IT Services
Ever since the global technology boom started, the cyber security market has only grown up. Over the years, while threats have manifested ever growing traits, it has also been impressive the way the industry has responded. Where is AKS positioned in the current Enterprise IT Security industry?
Thanks to the reach and size of the global Cyber Security market, the industry over the years has grown exponentially. In fact, I believe that it will continue to grow at a resoundingly swifter pace than the advent of Information Technology, as it plays a critical role in safeguarding older, current, as well as the upcoming technologies, which unarguably is a Herculean responsibility to say the least. The key players in the market, including the likes of AKS IT Services for that matter, have been working round the clock to ensure adequate response. At our end in particular, the organization has been striving for ethical and sustained growth patterns ever since its establishment in 2006. An essential act in this regard demands that we keep abreast of the latest technology that is associated with carrying out risk mitigation.
Moreover, we have undertaken crucial steps to establish ourselves in a leading position within the said Enterprise IT Security industry. For instance, we have a dedicated R&D Department that conducts research across multiple aspects of IT security. We have also designed quality audit procedures for cyber security services (like Auditing, Consultancy, Compliance, Computer Forensics & Crime Investigation, and Training) in addition to creating a patented technology. Furthermore, we have commercialized the aforementioned technology into effective cyber security products for mitigating risks like Anti Distributed Denial of Service attack (Anti DDoS) and Web Application Firewall (WAF) for enterprises.
Our technology covers a wide area of deployment, from traditional hardware appliances, to NFVs and SaaS options for our security products portfolio. All of
this has helped us strategically establish a firm footing in the evolving industry, and the phenomenal response from experts and customers adds to this. Quite recently, we were bestowed with the National Technology Award (on 11 May 2021) for the development & patenting of technology and commercialization of our Cyber Security (Anti DDoS) product. It gives me immense pride to state that the start-up offspring of the AKS IT Group- HaltDos.com (a cyber-security solution provider) also stands listed amongst the top 100 Cyber Security start-ups in the world, as claimed by the prestigious Analytics Insight.
The pandemic has sky-rocketed cyber-attacks and data theft. What are the new challenges that your company faces and how has been your response to this? Also, what is your USP?
Rightly said, the cyber-attacks during this unfortunate pandemic have increased multifold. This can be primarily sourced to the increase in attack surface, as a direct consequence of the overnight shift of the national workforces to a work-from-home culture, wherein they access servers located in their offices/data centers. Adding to this are the unsecure use of Remote Access Protocol (including RDP, Teamviewer, & Anydesk) and the lack of robust, secure connectivity between homes and offices. This has jointly resulted in ransomware attacks and data theft. It also posed a challenge to our organization, as we too started working from home with appropriate policies, SOPs, and remote access through VPN to restricted employees on need-basis for limited time periods.
AKS IT services is driven towards providing holistic solutions across a wide range of variables and growing challenges
Tell us about your portfolio of solutions pertaining to Auditing, Compliance, Forensic Investigation & Training. How would you describe your innovations and technology capabilities?
AKS IT Services is driven towards providing holistic solutions across a wide range of variables and growing challenges. Our services portfolio includes everything from Vulnerability Assessment & Risk Management to Red Team Exercise & External Penetration Testing, Application Security Testing, Network Security Auditing, Security Auditing of Industrial Control Systems (ICS), Security Auditing of Telecom Systems, Security Audit of Banking Systems, and SOC1 Type 2 audits.
Additionally, we work towards implementation of security standards like ISO-27001 & ISO-22301, Cyber Security Framework, compliance to regulatory requirements like RBI guidelines, UIDAI guidelines, and CCA guidelines as well as providing consultancy in Security Operations Centre, Cloud Security, Computer Forensics and Crime Investigation services, Malware Investigation & incident handling, and Information Security training. Meanwhile, we are particularly proud to have indigenously developed the AKS Forensic Workstation for computer forensic analysis, imaging, password cracking, recovery of deleted files, evidence gathering, and report generation.
Innovation stands at the root of all our services and experiments. Regarding our technical capabilities in this regard, we have conducted extensive research, patented (Patent No. 353365) our technology, and developed & commercialized our Make in India cyber security product- trademarked as ‘HaltDos’. In this category, we have
products like HaltDos Anti DDoS, Web Application Firewall, Application Delivery Platform with integrated SSL off loader & Server Load Balancer, and integrated Anti DDoS & WAF solution. Meanwhile, for clients on Cloud, we have developed the HaltDos cloud security platform for providing Anti-DDoS, WAF, Anti-Bot, DNS security, and Content Delivery Network (CDN) services. I believe these top-of-the-line products and services are positioned well as a response to challenges posed within the emerging cyber security threats scenario.
How would you describe the impact of your interventions? Could you tell us an interesting implementation story?
Yes, I think I recall something on this note. During the middle of the lockdown in 2020, one of the prominent banks in the country approached us with an unresolved issue – their online banking was going down during peak times, commencing at the end of the month and reeling into the first few days of the following month. With no changes to the application during the said period, our security team suspected a DDoS attack. In response, with even spare devices in our office, we immediately shipped our Anti-DDoS solution to help the customer.
On its deployment, we were able to confirm the Low & Slow category of DDoS attack. Equipped with machine learning, the solution identified attacking IoCs and successfully thwarted multiple attack attempts. As many as 16,000 malicious IPs were identified as involved in the attack, and the same were reported to the concerned authorities. Backed by our successful PoC, the said bank turned into our permanent happy customer!
What are the opportunities that you foresee?
There’s a lot brewing in foresight, undoubtedly. Newer technologies like IoT, Artificial Intelligence, 5G, Cloud, Industry 4.0, FinTech, and Healthcare Automation etc are posing unprecedented challenges alongside revolutionary development. The advent of these would increase the range of attack surfaces, which would require automation in Cyber Security practices/services like automated Security Operations Centre (SoC), real-time threat intelligence gathering, automated tools for Governance, Risk & Compliance (GRC), and automated risk-based vulnerability management. Needless to say, the demand for Cyber Security services will rise rapidly to meet these new challenges. Nonetheless, we are confident that AKS IT is rightly placed and continuously evolving to meet the latest cyber security needs.
“Meanwhile, for clients on cloud, we have developed the Haltdos cloud security platform for providing anti-ddos, WAF, ANTI-BOT, DNS security, and content delivery network (CDN) services”
Where is the company headed in the years to come? What’s AKS’ future roadmap?
The AKS IT Group today consists of AKS IT Services, Haltdos.com, and AKS Institute of Cyber Technology. While AKS IT Services is committed to provide Cyber Security services to mitigate current and futuristic cyber risk, Haltdos.com aims at innovating and developing AI-based cyber security solutions to protect IT/OT/IOT Infra against current and futuristic threats. On the other hand, AKS Institute of Cyber Technology bolsters our three dimensional approach by providing training on new attack surfaces created by advancement in technology and policy/practices needed to mitigate the cyber risk or how to investigate high-tech crimes.
The tri-pronged war on Cyber Threats thus extended by our group is backed by strong credentials in India. Confident, positive, and determined, we are now expanding to other geographical locations where our vision, products, and services are/will be needed.