Imagine your friend calling you on the phone. For the past hour, he has been unable to get through because 40,000 other people are calling you at the same time.
That’s a classic analogy for a distributed denial-of-service attack, and it affects your web applications in the same way. Think of your customers trying to open the website while your app is unable to serve their requests and crashes.
And it’s not rare. It happens to businesses across the world, both big and small.
In a world of cloud computing where anyone can hire machines with advanced processing power, how difficult do you think it is to launch an application-level distributed denial-of-service attack? According to current underground market prices, bots including zombies are available for hire for less than $5. It will not cost more than $200-250 in total to overwhelm the server for an average website with an application DDoS attack.
The figures might not help companies much, but they definitely provide an idea of how easy it is to target any website in the world. With motivations ranging from rivalry to disgruntled employees, eventually, every web application will face the threat.
How do you make sure that a particular website is unavailable to most of its visitors on ‘sale’ day? How do you ruin the bestselling day for a popular website? DDoS is, unfortunately, the simplest answer to these questions. In fact, just last year, Christmas shopping on the Sony and Microsoft websites was disrupted by such DDoS attacks, and many security experts have pointed towards rival brands.
Today, competitors do not shy away from taking any step to cripple rival businesses. The practice has led to a rise of ‘take the competitor out’ services, and people are purchasing them readily. What’s your action plan for it?
Did you know that most companies cannot differentiate between bot/zombie traffic and real traffic until it is too late to react? Spam traffic can range anywhere from one machine to a consolidated group from a specific location with a special signature or any other identity.
Half of the DDoS battle is over if you have the capacity to detect such traffic. AppTrana continuously studies traffic and matches it against preloaded red flags to feed its analytical intelligence. Security experts further study this data to create analogous warning signs that identify distributed denial-of-service attacks faster.
Companies often host their websites or applications on cloud servers in order to save cost and to increase computing efficiency. Most major cloud players even offer elastic bandwidth that automatically accommodates an increase in traffic by bumping up the subscription cost. In theory, it seems like a great idea. Your website or application will virtually never go down, even under a Layer-7 DDoS attack.
What if these traffic spikes are in the range of 5-10 GB or even more? While your website will keep performing thanks to that elasticity, computing costs will shoot for the sky too. Make sure that you’re not paying for the DDoS traffic in the first place.
Whenever we talk of distributed denial-of-service attacks, most people overlook the application layer. The truth is that Layer 7 is actually more vulnerable and easier to penetrate than the network level. At the network level there is usually a flood of TCP, SYN and UDP traffic, which is easily detected.
Further, controlling physical infrastructure is easier, but when it comes to the application layer, attackers are on real IPs which are actually communicating with the server.
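Because application-layer attackers complete real connections from real IPs, detection has to look at per-client request behaviour rather than packet floods. The following is an added example, not AppTrana's logic and not part of the original article, that flags clients by request rate over constructed access-log lines; the function names, thresholds and sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format prefix: client IP, timestamp, method and path.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')

def parse(line):
    """Return (ip, timestamp, path), or None for a line that does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, m.group(4)

def flag_clients(lines, window_s=10, max_requests=20):
    """Map each client over the limit to (peak requests per window, top-path share)."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    peak = defaultdict(int)      # ip -> highest request count seen in a window
    paths = defaultdict(lambda: defaultdict(int))
    for line in lines:           # lines are expected in chronological order
        rec = parse(line)
        if rec is None:
            continue
        ip, ts, path = rec
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:  # drop requests older than the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
        paths[ip][path] += 1
    flagged = {}
    for ip, p in peak.items():
        if p > max_requests:     # illustrative threshold, tune to your baseline
            counts = paths[ip].values()
            flagged[ip] = (p, max(counts) / sum(counts))
    return flagged

def sample_log():
    """Constructed sample: one ordinary visitor, one client hammering /search."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    fmt = '{} - - [{}] "GET {} HTTP/1.1" 200 512'
    rows = [(base + timedelta(seconds=10 * i), "198.51.100.7", f"/page{i}") for i in range(5)]
    rows += [(base + timedelta(seconds=i // 5), "203.0.113.9", "/search?q=a") for i in range(40)]
    rows.sort()
    return [fmt.format(ip, t.strftime("%d/%b/%Y:%H:%M:%S %z"), p) for t, ip, p in rows]

if __name__ == "__main__":
    print(flag_clients(sample_log()))
```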
When Sony’s PlayStation Network was hacked a few years back, the attempt was cleverly camouflaged by a distributed denial-of-service attack. Multiple Sony divisions were targeted in a large-scale, thoroughly coordinated attack. While their security experts were busy dealing with the DDoS disaster, hackers stole data for 77 million users from the servers.
It has happened time and again: security teams are busy deflecting large volumes of traffic from unknown sources while an intrusion goes undetected for days.
The thing about application-layer DDoS is that it keeps evolving. You write a rule to block some country, machine signature or even payload, and hackers come up with something else that’s untraceable. That is where the human part comes in. DDoS prevention security is all about evolving with attack techniques.
Your security vendor should be able to identify threat vectors and apply custom techniques that protect your business. It can be anything from blocking to timing out the connections. Existing DDoS interpretation expertise, analytics monitoring, and prevention intelligence are critical to the purpose.
Founder & Chief Marketing Officer, Indusface
Venky has played multiple roles within Indusface for the past 6 years. He was instrumental in building the product/service and technology team from scratch and grew it from ideation to getting initial customers with a proven/validated business model poised for scale. He has proven experience (10+ years) in the security industry and has held various management/leadership roles in Product Development, Professional Services, and Sales during his time at Entrust Datacard.