The New Reality in a World with DDoS Attacks

Written by Richard S. Westmoreland. Posted in Blog Post

“Distributed denial of service (DDoS) attack” is a term the average person is probably not familiar with. However, if you have attempted to conduct any form of banking online over the past several weeks, you may have experienced difficulty getting onto the sites of our nation’s largest banks due to a DDoS attack. Dozens of financial institutions – including Bank of America, Wells Fargo and Capital One – have been targeted recently.

Before we get into why these attacks are taking place, let’s take a step back and examine what a DDoS attack is and why it is so effective. The speed of an Internet connection is determined by the size of the ‘Internet pipe’ in place and by the hardware and software components that process and route the connections and requests. While the concept of data running through a ‘pipe’ may be a bit confusing, think of it in simpler terms, such as water: the larger the pipe, the more water can flow through, while valves and faucets represent the various hardware and software elements connected to the pipe. The Internet works on the same principle. Most banks have in place an Internet pipe capable of handling up to approximately 20 gigabits-per-second of Web traffic. A DDoS attack floods the website with traffic upwards of 40 – 50 gigabits-per-second until the weakest link breaks and the denial of service (DoS) occurs. It becomes “D”DoS because the sources of the packets are spread out over hundreds to tens of thousands of different contributors to the DoS, simply overwhelming the site and causing it to crash.

Now that we understand how the attack works, many of you will want to know what can be done to stop such attacks. The truth is, DDoS attacks are extremely dynamic and difficult to stop. If it were simply a DoS, it could be blocked, but the distributed element makes it nearly impossible to guard against. In the recent attacks on our financial system, advance warnings of the attacks were issued, yet the banks were still powerless to stop them. While larger entities would typically have an easier time fending off attacks due to their breadth of resources, in these cases the attacks were coordinated through data centers, which proved simply too much for the banks’ defenses to handle.

Preparing to defend against DDoS attacks has become an accepted cost of doing business in today’s cyber environments. While progress is being made in the battle against small to mid-size DDoS attacks, the only way to truly battle a large-scale attack is to throw more resources and brute force at the problem than can be sent your way during an attack. This method is for the most part economically impractical: raising your bandwidth to two to three times current levels, and having it sit idle when not defending against an attack, is simply not feasible. So for at least the time being, most large-scale DDoS attacks are not defended against, but simply waited out.

DDoS attacks are normally launched to send some form of a message and can vary greatly in terms of their sophistication. It has been widely speculated in federal circles that, due to their sheer mass and complexity, these recent attacks are the result of an escalating cyber war with Iran. DDoS attacks have become the preferred and paid weapon for many politically motivated groups. This has both a scary and a positive side. The negative is that these attacks are perpetrated by professionals who have the skills and resources to launch them effectively, and there is little that can be done to stop them. The consolation is that these attacks are generally shorter in duration, with the attackers then moving on to other targets.

What has many observers concerned is the evolution of these attacks. While it is certainly an inconvenience and a potential business hit to have a website shut down for long periods of time, we have yet to see it have a large-scale economic impact. That could be about to change. In a recent FOX Business story, Matt Egan explored the potential economic damage that attacks similar to the ones in the banking industry would cause if they struck U.S. retailers this holiday-shopping season, impacting what are projected to be online sales of approximately $54 billion. As Dave Aitel, a former computer scientist at the National Security Agency, said, “I don’t think people are really prepared mentally to what happens if Amazon goes down.”

Welcome to the new reality in the world of DDoS attacks.
