The latest reports from leading IT security providers clearly show that the threat of DDoS attacks still exists and cyber criminals will always find new ways to harm their victims. One example of this was the record DDoS attack against the online service GitHub in March 2018.
The website of the leading development platform, which hosts software development projects on its servers, was attacked with a data rate of 1.35 terabytes per second. Akamai, one of the leading providers of DDoS solutions and cloud security, was able to fend off the massive attack after just a few minutes. According to information provided by the company, this was the largest documented DDoS attack to date. Most of the latest ‘mega-attacks’ can be explained by unprotected IoT devices and cell phones, which are becoming increasingly ubiquitous and can be misused for an attack as part of a botnet. In the case of GitHub, however, there was no sign of this kind of botnet. Instead, the attackers took advantage of a security gap in Memcached servers that had been noticed just before the attack.
In its latest ‘State of the Internet Security’ report, Akamai noted a renewed increase of 14 percent in DDoS attacks for the fourth quarter of 2017 in comparison to the same period in the previous year. Akamai processes several billion online transactions every day on its ‘Intelligent Platform’. These are evaluated by the company for its quarterly report.
DDoS attacks: Cost to companies
As part of the annual ‘IT Security Risks’ study performed by Kaspersky Lab, in April 2017 over 5,200 decision-makers from small, medium and large companies in 29 countries were asked questions about security issues and cyber security incidents. This study shows that the costs of DDoS attacks are increasing significantly. SMEs can now expect to face costs of 123,000 US dollars per attack. In the case of large companies, a DDoS attack can even hit them with financial damage of 2.3 million dollars on average.
However, in spite of these high financial risks, the study shows that only 19 percent of companies asked have a DDoS solution on hand. 20 percent of those questioned mentioned costs that did not outweigh the risks as the reason for the lack of protective solutions. The costs for modern DDoS solutions are now much lower than the costs that companies incur following an attack – not counting the loss of image and productivity.
Multifaceted DDoS threats and solutions
Any company can select suitable DDoS protection from a plethora of available solutions. DDoS mitigation services, which are predominantly of interest to e-commerce operators, media companies or other online services, are often based on a CDN (Content Delivery Network). The advantage of this is that the solution works with a globally distributed infrastructure and provides targeted defense against DDoS attacks at the edge of the network. This approach is also referred to as DNS forwarding: the DNS entries for the environment being protected are adapted so that traffic first has to run via the mitigation infrastructure. This is where requests are examined and, in the case of an attack, repelled.
If a company wants to secure several areas of its environment effectively, it can use a so-called scrubbing center. This not only protects the website or the online shop, but also databases, email systems, and other applications, such as those used for invoicing. The entire traffic of the company environment is routed to the nearest scrubbing center via the Border Gateway Protocol (BGP), where it is filtered and then forwarded via a secure line. Cloud-based scrubbing solutions are particularly good at protecting against large volume attacks and can also recognize multi-vector attacks more quickly.
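An added example (not from the original article): a Python check of which hostnames in a zone resolve into the mitigation provider's address space after the DNS change described above, and which services, such as mail and databases, still receive traffic directly and would need the BGP-routed scrubbing approach. The zone records, hostnames and provider ranges are constructed, using documentation address ranges.

```python
import ipaddress

# Assumption: address ranges of the mitigation provider (documentation ranges).
MITIGATION_NETS = [ipaddress.ip_network(n)
                   for n in ("198.51.100.0/24", "2001:db8:ed9e::/48")]

# Constructed sample zone: (name, record type, value).
ZONE = [
    ("www.shop.example", "A", "198.51.100.17"),
    ("www.shop.example", "AAAA", "2001:db8:ed9e::17"),
    ("shop.example", "A", "203.0.113.10"),
    ("shop.example", "MX", "mail.shop.example"),
    ("mail.shop.example", "A", "203.0.113.25"),
    ("db.shop.example", "A", "203.0.113.40"),
]

def behind_mitigation(address):
    """True if the address lies inside one of the provider's networks."""
    ip = ipaddress.ip_address(address)
    return any(net.version == ip.version and ip in net
               for net in MITIGATION_NETS)

def coverage(zone):
    """Classify each hostname by its A/AAAA records:
    'covered' (all via mitigation), 'direct' (none), 'mixed' (some)."""
    seen = {}
    for name, rtype, value in zone:
        if rtype in ("A", "AAAA"):
            seen.setdefault(name, set()).add(behind_mitigation(value))
    result = {}
    for name, flags in seen.items():
        if len(flags) == 2:
            result[name] = "mixed"
        else:
            result[name] = "covered" if True in flags else "direct"
    return result

def unprotected(zone):
    """Return (hostnames not fully behind mitigation,
    MX targets among them), both sorted."""
    status = coverage(zone)
    direct = {name for name, state in status.items() if state != "covered"}
    mx_targets = {value for _, rtype, value in zone if rtype == "MX"}
    return sorted(direct), sorted(mx_targets & direct)

if __name__ == "__main__":
    for host, state in sorted(coverage(ZONE).items()):
        print(f"{host:20} {state}")
```

In this constructed zone only `www.shop.example` is routed via the mitigation network; the bare domain, the mail server and the database host are reached directly.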
A dedicated hardware solution also provides extensive DDoS protection for the entire environment. It is used as a transparent gateway between the public network environment and a hosting infrastructure. Incoming data traffic is automatically filtered in line with DDoS and other attack patterns. However, the downside to this solution is that it can only handle attacks of lower bandwidth.
DDoS solutions for SMEs
Small and medium-sized enterprises in particular should take a systematic approach to defending effectively against denial of service in 2018. The daily operation of a hosting and cloud provider shows that SMEs are being targeted for attacks with increasing regularity. Special care needs to be taken by SMEs whose business model is dependent on the continuous availability of their online presence.
Many of them do not have sufficient protection, which hackers love to take advantage of. They often send the victims an extortion letter before an attack, in which they demand payment of a certain amount to an anonymous Bitcoin account – otherwise the attack will go ahead.
The demand may also be for a relatively small amount. For example, last year the XMR-Squad hacker group only demanded 250 Euros in order to ‘test the DDoS protection’ of German Internet companies. For 250 Euros, the operator of a small online shop will generally not wait very long before paying the extortion amount. This is how the hackers usually do business.
There are new solutions available on the market for SMEs and the operators of smaller online shops, which transfer the cloud principle to DDoS protection. These are based on a modern infrastructure, which they combine with professional scrubbing centers.
With these kinds of DDoS mitigation solutions, several clients share the necessary resources, which leads to a reduction of operating costs for all those involved. Another advantage: SMEs then not only have protection for their online shop or website in the face of outages caused by DDoS, but also for their entire hosting infrastructure, including email servers or databases. This means that cloud-based DDoS solutions provide smaller companies with protection that is extensive yet economic.
Conclusion: Protection against DDoS attacks is indispensable for companies of all sizes
The fact is: All business-critical applications or services could be affected by DDoS attacks. The increasing digitization and use of web-based end devices provide hackers with a broad field for new and increasingly sophisticated DDoS attacks. That is why extensive and effective protection against these kinds of attacks is now indispensable for companies of all sizes from all industries.
Niko Bender has been Head of Marketing at PlusServer since May 2015, and is responsible for strategy projects. Before joining PlusServer, Niko Bender was initially in technical roles at T-Mobile USA, UK, and Germany, and subsequently moved into product management for the mobile operator. There, he was responsible for the technical product management of mobile Internet products, before he took on the role of Head of B2B Marketing for Mobile Products, which he held for five years.
Please note: The opinions expressed in Industry Insights published by dotmagazine are the author’s own and do not reflect the view of the publisher, eco – Association of the Internet Industry.