In late July we were approached by a government agency of a Latin American country who was suffering from an over-a-month long campaign of DDoS attacks they had so far failed to mitigate. Each of the attacks lasted for several hours at a time –sometimes multiple times a day – making it through their existing DDoS protection device and right into the headlines of the local press.
One year ago, a threat actor launched a DDoS attack that disrupted service of some of the internet’s biggest names. The Mirai botnet had enslaved hundreds of thousands of IoT devices and was used to attack several entities, including the managed Domain Name System (DNS) provider Dyn.
The attack on Dyn was an event that many referred to as a wake-up call for internet security.
Except the industry, by and large, never really woke up.
Many years ago, one of my customers had an internet-facing application. They positioned load balancers in front of the application to support the growing traffic load. Traffic to the website was growing so fast, that parts of the network infrastructure could not support the customer load.
The Rise of the “Availability Vulnerabilities”
Availability problems aren’t necessarily unique; however, the testing is certainly different.
THE BUSINESS PROBLEM:
Your company has reason to believe that it may be attacked in the near future or recently has come under attack. The main questions that come to mind:
– How do I know if the attackers will be successful?
– How can I test my environment myself for expected attacks?
It’s funny although sometimes the first way we do something might be the right way, we try to improve it to make it look shinier. Eventually we realize that the most obvious answer was actually the right answer, our original tactic.
Previously we looked at increasingly popular multi-CDN strategies, and how best to secure them. This part takes a broader look at CDNs in general, and how bringing back your security from the ‘edge’ can improve the overall security of your web applications.
Bringing back your security from the ‘edge’ of the CDN has many advantages – particularly in multi-CDN deployment scenarios. We take a look at the various deployment models for creating a centralized security protection layer, and when each should be considered.
Adopting a multi-CDN approach can be great for performance, but can also create some complex security challenges.
The growth of DDoS-as-a-Service has resulted in a wide array of powerful and affordable DDoS services available to the public. Since the beginning of 2016, Radware’s ERT Research division has been monitoring a number of services available on both the clear and the darknet. These off-the-shelf attack services have been used to launch DDoS attacks on a number of industries including ISPs, media, financial service companies and online gaming. These services are commoditizing the art of hacking by making it possible for novices with no experience to launch large scale attacks.