Over the past year or so we have done a bunch of research into denial of service attacks, at both the application and network levels. Tactics are one thing, but we usually start with adversary analysis. You know: who wants to pop your environment and steal your stuff. Or maybe just knock you down so you can’t get up.

Not that this is news, but shakedown via DDoS is still alive and well. And even the mass media is catching on, as evidenced by this BBC article. This quote from the CEO of CloudFlare describes the attack in language even I can understand:

“In the physical world, you could think of it as a sit-in, or if you had all of your friends going to a store, fill the entire space and not actually buy anything.”

So what do you do? Do you pay the ransom? I suspect many organizations do. Over and over again. Can you fight? Yup. There are a ton of services out there that can help defend you against a DDoS. Some are enterprise-capable, with all sorts of networking kung fu to move traffic into their scrubbing centers at the onset of the attack. Others provide this service as part of a CDN or performance optimization service.

Either way, if you have an important site that can’t go down, you need to make sure you protect it from 21st century mobsters, doing the 21st-century equivalent of throwing a brick through your window.

How you doin’?

