Dodging Dire Consequences in the Age of DDoS Attacks

DDoS Attacks: Malicious Crimes with Dire Consequences

In today’s world, every business needs an online presence. Whether we're talking about retail, gaming, or healthcare, being online is critical. Networks are now an expected, on-demand service, and both business success and in some cases, people’s lives, depend on it. Yet, within the blink of an eye, your network can be taken away and denied to your customers via a malicious, deliberate Distributed Denial of Service (DDoS) attack

In October of 2016, Dyn, which maintains DNS records for hundreds of prominent enterprises such as Amazon, CNN, PayPal, Twitter and many others, was attacked by a massive DDoS attack that denied access to customers and fans globally. It was attributed to a botnet comprised of thousands of IoT devices which had been infected with Mirai malware. The culprit? An unhappy gamer who initially targeted a gaming company, but impacted a massive number customers. Call it carpet bombing to kill one business while impacting hundreds of unsuspecting, unrelated victims.

Carpet Bombing Countless IPs & Networks + the Rise and Fall of Black Holing

This form of “carpet bombing” is the basis for DDoS in that while it targets one IP or network, any other IPs or networks on that infrastructure suffer as a result of being in proximity. The DDoS is sent from thousands of devices (in the case of the Dyn attack, hundreds of thousands of internet-connected devices, not just computers) to the target IP of the business a malicious actor intends to disrupt. It floods the network with 10 to 100G of internet traffic, disrupting business operations or the specific target and anyone within the same infrastructure. The perpetrator is typically pursuing a specific business, but a DDoS attack by design takes out far more.

The size and frequency of attacks are growing daily. In the fourth quarter of 2016, more 100GB or greater DDoS attacks were recorded than all past years combined. The DDoS attack that took out Dyn numbered in the terabits, larger than any of its destructive predecessors.

In the past, it was common practice to use a tactic called “blackholing” In which traffic bound for a targeted IP was rerouted to the edge to maintain operations for the rest of the network and other businesses. While effective, it required sacrificing the attacked business to save innocent bystanders.

A New Solution: Automated Detection and Scrubbing Mitigation with Flexential

At Flexential, we’re not a fan of blackholing, and as part of our commitment to 100% uptime, we’re determined to take a different path. Through extensive research of best practices and by leveraging internal and external tools, we developed a quick, cost-effective solution that protects our customers and supports our 100% uptime guarantee: Automated Detection and Scrubbing Mitigation. This unique solution takes the guesswork and manual time to defend against a DDoS out of the equation. It provides DDoS protection tools, by using standard, practiced detection mechanisms, coupled with our scripts to move traffic automatically off of the Flexential network to a service provider who scrubs the traffic within a matter of minutes and returns it to the attacked network. The end result is 24x7x365 automated protection to ensure your business is always on.

Using this solution, we’ve successfully and automatically mitigated over 50 attacks in the last six months without manual intervention. More than 20 of the attacks exceeded 10G of traffic, with the largest being over 30G. Without our unique solution, all of these DDoS attacks would have had significant impact to multiple customers.

Everyone deserves the best possible chance to be successful, protected, and available 100% of the time. We recognize the trust and livelihood customers put in our hands, and we owe it to all of you to prove time and again that you made the right call.