Distributed Denial of Service: A nasty problem or what?

  • Team Omega
  • March 30, 2017

A distributed denial-of-service (DDoS) attack refers to the flooding of a server with junk requests until it fails to respond to legitimate ones. Similar to spam, which costs pennies to send millions of messages, DDoS attacks are cheap to launch, but the impact on networks and the computing costs to the retailer are huge, making them some of the most serious security attacks in modern computing. The low cost of development and the risk to your business operations are the reasons why DDoS attacks are so dangerous and prevalent.

DDoS Disease

Consider the creators of “IP Stresser,” two seventeen-year-old Israelis who’ve been arrested for enabling DDoS attacks. According to Krebs on Security, “the hacking of vDOS revealed that in just two of the four years the service (IP Stresser) was in operation, it brought in revenues of more than $600,000” and in the “span of less than three months was responsible for more than 150,000 attacks”. When two kids in Israel can earn over a half-million dollars selling malicious code from their computer, the incentive to drive the threat vector forward will continue. Recent figures indicate that nearly 20% of all network outages are a result of DDoS attacks; we expect this number to grow.

Eradication of DDoS is not possible, but limiting is!

DDoS attacks that use a botnet take little effort to create and can be massive. Preventing DDoS is basically impossible; the challenge is to limit the DDoS attack’s ability to cripple your network. Today, most small companies have no protection to manage a DDoS attack. There are a variety of DDoS detection tools and technology available to minimize the impact of DDoS attacks on your organization. Even small DDoS solutions can cost thousands per month, not to mention the bandwidth and computing resources to detect and filter bad packets. Advanced systems manage DDoS at the store perimeter. Retailers with multiple locations should consider using systems that place devices at their locations rather than centralized web-based solutions.

Omega helps identify and block DDoS

Omega’s systems fine-tune the exact types of “flooding and flood timing windows” without using network resources. In addition, Omega’s system will identify flooding types including SYN, UDP, ICMP and others, which are blocked when the packet rate exceeds specific rates for both the source and the destination of the flooding. When any of those types of flooding are detected, the traffic is temporarily blocked, the occurrence is logged, and alarms notify the IT team for a more in-depth analysis.
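A sketch of the per-source and per-destination rate check described above, added here as an example; it is not Omega's code, and the thresholds, window, block length and all names in it are assumptions.

```python
from collections import defaultdict, deque

# Assumed values: the page gives no thresholds, window or block length.
LIMITS = {"SYN": 5, "UDP": 5, "ICMP": 3}   # max packets per window, per key
WINDOW_S = 1.0                             # flood timing window
BLOCK_S = 30.0                             # length of the temporary block


class FloodDetector:
    def __init__(self, limits=LIMITS, window=WINDOW_S, block_s=BLOCK_S):
        self.limits, self.window, self.block_s = limits, window, block_s
        self.seen = defaultdict(deque)  # (role, ip, kind) -> recent timestamps
        self.blocked = {}               # (role, ip, kind) -> time the block ends
        self.log = []                   # one record per detection, for the IT team

    def _exceeds(self, key, ts):
        q = self.seen[key]
        q.append(ts)
        while q[0] <= ts - self.window:  # drop timestamps outside the window
            q.popleft()
        return len(q) > self.limits[key[2]]

    def observe(self, ts, src, dst, kind):
        """Return True if the packet is forwarded, False if it is dropped."""
        if kind not in self.limits:
            return True
        keys = [("src", src, kind), ("dst", dst, kind)]
        for key in keys:                 # lift blocks that have expired
            if self.blocked.get(key, ts + 1) <= ts:
                del self.blocked[key]
        if any(key in self.blocked for key in keys):
            return False
        for key in keys:
            if self._exceeds(key, ts):
                self.blocked[key] = ts + self.block_s
                self.log.append({"time": ts, "role": key[0], "ip": key[1], "type": kind})
        return not any(key in self.blocked for key in keys)


def replay(packets, detector=None):
    """Feed (ts, src, dst, kind) tuples through a detector; return it and the verdicts."""
    detector = detector or FloodDetector()
    return detector, [detector.observe(*p) for p in packets]


# Constructed sample: eight hosts each send one SYN to the same server in 80 ms.
SAMPLE = [(0.01 * i, f"198.51.100.{i + 1}", "192.0.2.10", "SYN") for i in range(8)]
```

In the constructed sample no single source exceeds its limit, so only the destination counter catches the distributed flood. A destination-keyed block also drops legitimate packets of that type until it expires, which is why the detection is logged for follow-up analysis.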

DDoS is a nasty problem without an easy solution. Stopping a major DDoS attack — one that corrals traffic in the hundreds of megabits per second and flings it your way — requires major DDoS protection. DDoS attacks utilize unprotected devices connected to the Internet to exponentially grow the attacking army. The exponential growth of IoT-enabled devices provides a target-rich environment for the bad guys to exploit. DDoS is criminal behavior, and a defense strategy is an urgent security need for any company. Selecting the correct solution requires an in-depth understanding of the various offerings, including knowledge of what each can and cannot do for your particular system and situation.

Interested in learning more? We’d love to hear from you. Contact the team at Omega ATC at security@www.omegasecure.com.