Imagine your friend calling you on the phone. But from the last one hour, he is unable to get the call through because 40,000 other people are also calling you at the time.

That’s a classic distributed denial-of-service attack analogy explaining how it affects your web applications in the same way. Think of your customers trying to open the website but your app is unable to serve their request and crashes down.

And it’s not rare. Happens to businesses across the world, both big and small.

1. DDoS attacks are cheap.

In the world of cloud computing where anyone can hire machines with advanced processing powers, how difficult you think it is to launch application level distributed denial-of-services. According to current underground market prices, bots including zombies are available for hire for less than $5. It will not cost more than $200-250 in total to overwhelm server for an average website with an application DDoS attack.

The figures might not help companies much, but they definitely provide an idea of how easy it is to target any website in the world. With motivations ranging from rivalry to disgruntled employees, eventually, every web application will face the threat.

Get free application DDoS security for 14 days

2. Competitors will target you.

How to make sure that ‘sale’ day on a particular website is unavailable to most of the visitors? How to ruin the bestselling day for a popular website? DDoS is unfortunately the simplest answer to these questions. In fact, just last year’s Christmas shopping on Sony and Microsoft websites was disrupted by such DDoS attacks and many security experts have pointed towards rival brands.

Today, competition does not shy away from taking any step for decrepitating rival businesses. The practice has led to a rise of ‘take the competitor out’ services and people are purchasing them readily. What’s your action plan on it?

3. Differentiating attack vs. real traffic is difficult.

Did you know that most companies cannot differentiate between bot/zombie traffic and real traffic until it is too late to react? Spam traffic can range anywhere from one machine to a consolidated group from a specific location with special signature or any other identity.

Half of the DDoS battle is over if you have the capacity to detect such traffic. The ‘AppTrana’ continuously studies traffic and matches it with preloaded red flags for analytical intelligence feeding. Security experts further study this data to create mutually analogous warning signs to identify distributed denial-of-service attacks faster.

4. Here’s the reason for your massive cloud costs.

Often companies host their websites or application on cloud servers in order to save cost and to increase computing efficiency. Most major cloud players even offer elastic bandwidth that automatically accommodates an increase in traffic by bumping up the subscription cost. In theory, it seems like a great idea. Your website or application will virtually never go down, even under a Layer-7 DDoS attacks.

What if these traffic spikes are within range of 5-10 GB or even more? While your website will perform with elastic sustainability, computing costs will shoot for the sky too. Make sure that you’re not paying for the DDoS traffic in the first place.

5. Application-layer DDoS attack is different.

Whenever we talk of distributed denial-of-services attacks, most people overlook application layer. The truth is that Layer 7 is actually more vulnerable and easy to penetrate as compared to the network level. There is usually a flood of TCP, SYN and UDP, which is easily detected.

Further, controlling physical infrastructure is easier but when it comes to the application-layer attackers are on real IPs which are actually communicating with the server.

6. It is often camouflaged.

When Sony’s PlayStation Network was hacked a few years back, the attempt was cleverly camouflaged by a distributed denial-of-services attack. Multiple Sony divisions were targeted in a large-scale, thoroughly coordinated attack. While their security experts were busy dealing with DDoS disaster, hackers smartly stole data for 77 million users on the servers.

It has happened once and again where security teams are busy deflecting large traffic from unknown sources and intrusion goes undetected for days.

Your Layer 7 DDoS Strategy

The thing about application layer DDoS is that it keeps evolving. You write a rule to block some country, machine signature or even payload, hackers come up with something else that’s untraceable. That is where the human part comes in. DDoS prevention security is all about evolving with attack techniques.

Your security vendor should be able to identify threat vectors and apply custom techniques that protect your business. It can be anything from blocking to timing out the connections. An existing DDoS interpretation expertise, analytics monitoring and prevention intelligence is critical to the purpose.

Here’s how you can learn more about it.

14-day Trial to Block App DDoS

 

Founder & Chief Marketing Officer, Indusface

Venky has played multiple roles within Indusface for the past 6 years. Prior to this, as the CTO @indusface, Venky built the product/service offering and technology team from scratch, and grew it from ideation to getting initial customers with a proven/validated business model poised for scale. Before joining Indusface, Venky had 10+ years of experience in security industry and had held various mgmt/leadership roles in Product Development, Professional Services and Sales @Entrust.