ABSTRACT :
The purpose of this case study is to illustrate the consequences of DDoS attacks against the biggest automobile companies. Nowadays, some of the large auto-sector companies conduct all their business deals online through their websites, and their main concern is keeping the application up and running at all times. However, the customer always perceives a security risk in putting all the data online, where it might be compromised and become a conduit for threats, bot attacks and DDoS attacks to infiltrate the company network.
KEY CHALLENGES :
One of the biggest automobile companies in Canada was targeted by DDoS attacks from a hacktivist group, in which the intruder continuously overwhelmed the web server in order to either cripple it or take it down. The main problem with this DDoS attack is the overwhelming load associated with it: traffic spikes to an enormous volume, which could cost the company hundreds or even thousands of dollars. Afterwards, the customer received a threatening message demanding that they pay some amount to the group to avoid further attacks on their application. As a result, the customer faced a huge loss on the dealership services that run online through their websites, and all the customer data and trust services could be compromised.
This Anonymous hacktivist group launched the DDoS attacks in 3 major strikes.
- Prestrike Doxing: At this stage, the attacker sends threatening messages, attributed to Anonymous, that demand money and include the customer's details.
- Slow DDoS Attack: Over the course of a week, the attacker made good on their threats by targeting the website with a slow DDoS attack.
- Attacks Peak: This is the third strike, in which the attacker made multiple attempts to penetrate the website through a direct high-volume DDoS attack.
The website went down after the third strike, and the company started losing large deals with the clients who use its online portal application. The major effects are:
- The inability to reach one's clients during a DDoS attack.
- The inability to receive the information of clients who apply for a dealership through the online portal.
- The inability to publish new trust deals and timely information to clients, which is especially challenging when clients pay for their deals through the same website portal and those payments start failing.
- Clients losing trust in the portal because this happens on a regular, day-to-day basis.
Further, the customer was not able to block the DDoS attacks with their internal firewalls, because such attacks are performed at Layer 7, the application layer. Once they realized the adverse effects on their deals with new and existing clients, they immediately needed a proper WAF solution to defend against these DDoS attacks.
The company's CISO says: "We have entered an era in which cyber-attacks can be more than disruptive and expensive; investing in decent WAF DDoS protection can save you time, money and frustration down the road."
STRATEGY & RECOMMENDED SOLUTION :
Having looked into this emerging attack, we recommended immediately enabling Apptrana protection, which provides multiple layers of protection to block DDoS attacks. We suggested custom policies and a few default Apptrana protection rules, as mentioned below:
- The first layer of defence is the highly scalable infrastructure of AWS, which scales seamlessly under high load. The edge points in these nodes protect against all types of Layer 3 and Layer 4 attacks and ensure that they do not cause any availability issues.
- Basic DDoS protection policies, which are already activated by default, mitigate DDoS attacks at Layer 7; requests are blocked according to the threshold value.
- Apptrana also performs IP reputation checks on the requesting IPs and blocks anything that is marked malicious in our database according to threat intelligence.
- Apptrana checks for bots that pretend to be good bots and blocks them.
- Our solution comes with built-in rate limiting policies for controlling the number of requests, and propagation happens within seconds.
- Adding further to the security levels, the solution provides advanced protection, which includes policies such as user-level tracking, honeypots, advanced input validation, and anomaly policies.
With the combination of all the above layers of defense, Apptrana provides the best comprehensive DDoS protection.
IMPLEMENTATION :
The customer implemented our WAF solution to get protection from Layer 7 attacks, along with the 24x7 monitoring team, which continuously monitors spikes in application traffic to mitigate DDoS attacks. Apptrana also provides multiple instances by design, which improve application accessibility by monitoring the health of the application and help maintain latency through scalable services.
RESULTS :
Once Apptrana WAF protection was enabled, our solution identified the DDoS attacks and started blocking all the requests generated by the hacktivist group. The IP reputation checks and the fine-tuned rate limiting policies helped defend against a huge volume of DDoS attacks. The customer did not face any further challenges and is more comfortable with our security solution. Now their team can concentrate on their business deals while the Apptrana team continuously monitors their application 24/7/365 to provide a complete security posture for their application.