Several facts can be unforgettable for the managers of an e-commerce operation. And a denial-of-service(DoS) attack can certainly be one of these. Maybe you haven’t suffered from this cybercrime, but you’ve certainly heard of someone who has.
No one will forget the company’s website displaying blank screens and error messages, or the customer complaints, as well as the loss and anxiety waiting for a solution. DDoS is a type of attack that has been known for almost thirty years, and its mitigation is well known to network professionals, but for various reasons there are companies that don’t protect themselves in time. In other words, many companies launch and maintain critical operations on the Internet without protection against this risk. In this article, you’ll learn a little more about the dangers of this cybercrime and what to look out for when choosing a DDoS protection provider.
Everyday life on the Internet hides many dangers
It’s not an obvious risk if you know the day-to-day running of an internet operation. But the dangers on the web can be very similar to those in the physical world. The real world has rain, wind, cold, heat, traffic, crime, everything. So, if you know it’s going to rain, you’d better buy an umbrella; if it’s going to be cold, you need warm clothes; if it’s going to be hot, you need air conditioning, and so on. And if you have a denial of service attack, you need a provider that offers DDoS protection and solves this problem. The provider will then act as a filter, preventing harmful traffic from reaching the company’s servers.
To explain further, harmful traffic is traffic that is intended to hinder the operation of servers. It delivers such a large volume of data requests that it exceeds its capacity to respond and causes them to enter a denial of service state.
DDoS protection is a necessity in the face of IoT advances
We all know that DDoS is a criminal act. It is triggered by someone who has managed to hack into a huge number of vulnerable devices and makes service requests through them. From then on, the hacked device behaves like a bot, a robot. And you can be sure that there are many, many vulnerable devices connected to the Internet. These are cameras, routers, locks, vehicles, coffee makers, fridges, baby monitors – all vulnerable. These are some of the devices that make up what is now known as the Internet of Things. To give you an idea, IoT Analytics estimates that in 2010 there were already 800 million Internet of Things devices. However, today there are 20 billion of them and by 2025 there will be 31 billion.
The overwhelming majority of these devices consist of very low-cost equipment in which the manufacturer has included little or no security. Unfortunately, most of these manufacturers don’t intend to make their devices more secure in the future either. In fact, most of them don’t have any possible software updates, because the manufacturer hasn’t even bothered. To make matters worse, they are connected to the internet with credentials that the manufacturer records before sending to customers. These are logins like the word “admin”, accompanied by the password “admin” – otherwise, the login “admin” without any password. And many users prefer to leave it at that, or at most change the password to an equally easy one like 12345.
So, as you can see, having DDoS protection is also a necessity for protecting IoT devices.
Vulnerabilities in the Internet of Things
Cybercriminals find this environment to hack the devices and thus create their army of machines – an army of bots, a botnet. This is how the Mirai botnet appeared, one of the best known among information security teams, which in 2016 carried out its largest-scale attack. This attack generated traffic that peaked at 1Tbps (one terabit per second), using 145,000 compromised devices against a hosting provider in France.
But just as Mirai appeared, many other botnets have appeared and disappeared, just as they can appear from one moment to the next. They can serve cybercriminals in a variety of ways. They are used, for example, in attacks against service providers in an attempt to extort money. In these cases, cybercriminals warn that they will only stop the attack once they have received payment for the blackmail. Until this happens, they maintain the attack, taking the provider offline. They are also being used in cyber attacks against critical infrastructure targets, as is currently happening in the war between Russia and Ukraine. In addition, many such attacks also occupied and distracted support teams, while the criminals used other strategies to break into servers and networks.
But when will such an attack take place? I don’t know. You probably don’t either. Nobody knows. However, it can happen at any time, out of pure hacktivism, revenge, dislike or any other motive chosen by the cybercriminal. This means that having DDoS protection should be a priority for companies all over the world.
What to look out for in a DDoS protection provider
If you own a company, you can take this risk. For this reason, hiring network service providers that have the right technology and structure to provide sufficient defense is essential. After all, technology without structure or vice versa won’t solve the problem, right? So how do you choose the right provider? We highlight three key characteristics for the choice:
1) Network capacity – The bigger, the better. The provider must have a traffic capacity greater than that of the attack, plus the capacity required for normal customer operation. That’s the minimum.
2) Cloud deployment model – The on-premises deployment methodology has well-known disadvantages and can be considered outdated, so the provider should offer deployment on a cloud platform, with the advantages of low latency, flexibility, low OPEX and ease of connection.
3) Operation for various network layers – DDoS attacks can be organized for various levels of the OSI layers. You need to check that the provider you choose offers protection at all the layers you need. In short, the provider must be able to carry out qualified filtering of incoming traffic, separating real requests from bot requests, including instant analysis of their behavior to continually refine this separation.
Get to know HugeGuard Cloud
Huge Networks has all these features and many more in HugeGuard Cloud, the cloud DDoS protection service. These include a global network backbone with a single AS present in more than 20 countries, functionalities for all IP protocols (TCP, UDP, GRE, AH, IPsec, ESP), all in proprietary and patented solutions that meet government and financial sector compliance rules. A fast and uncomplicated implementation with advanced 24X7 support in English and Portuguese provides customers with the security for an operation without the risk of denial of service now or in the future.
What’s more, you can test the service for free. Talk to one of Huge Networks’ experts!