Nowadays anyone can hack, even an elementary school student. How to protect companies and state institutions from DDoS attacks?

cybersecforum.eu, 1 year ago

WEDOS is the largest and fastest-growing hosting provider in the Czech Republic. The company was founded in 2010 and became the market leader within 31 months. Due to the number of customers, and probably their rapid growth, they have been the target of various cyberattacks since the beginning. In 2013, these attacks were so frequent that they had to look for more advanced solutions. Eventually, after unsuccessfully applying third-party solutions, they started building their own.

In 2021 and 2022, they were the target of the strongest DDoS attacks in the history of the Czech Republic. In both cases, their 300 Gbps connectivity was nearly overwhelmed. While in 2021 the attacks peaked for only a short time, in 2022 they lasted several hours and peaked for several minutes. Although these attacks did not cause them any noticeable damage, many local ISPs with smaller connectivity throughput had problems because of them.

That’s when they realized that if they wanted to defend against future attacks, they would not be able to do it from within the Czech Republic alone. They needed to build a global network of reverse proxies, using BGP Anycast to direct traffic. They named this global network infrastructure WEDOS Global. Currently, they have more than 1500 physical servers in 25 locations around the world and connectivity over 2.5 Tbps. Thanks to this, they can defend themselves and their customers against even very strong attacks, because they mitigate them in the location where they occur.

They can protect their customers’ websites against strong DDoS attacks at the L3, L4, and L7 layers. WEDOS stands between the customer and the Internet and filters out any attacks. Neither their strength nor their type is important. Everything is filtered in a particular location. The company can see into the traffic, so their protection works as a WAF (Web Application Firewall) as well.

Humans don’t stand a chance; today machines have to fight the threats.

With more than 140,000 domains hosted directly by WEDOS, they have data from all of them and adjust the filtering rules based on that. They know exactly what goes through to the web server and what impact it has on it. The company can evaluate this in real time and react to it. It’s all handled by dozens of robots and hundreds of algorithms, constantly creating tens of thousands of customized rules.

Their solution is fully automated. Attackers can launch a very powerful synchronized attack with thousands of IP addresses around the world with split-second accuracy and shut it down again immediately when the target server has a problem. Humans don’t stand a chance against these types of threats, so today machines have to fight them.

By monitoring so many sites, WEDOS also sees the activity of bots trying to be inconspicuous. When your site receives only a few strange requests in an hour, it’s easy to miss them in the log. But when you aggregate data from tens of thousands of sites, you see patterns showing where attackers are looking for new vulnerabilities across the whole set of sites.
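The cross-site aggregation described above can be sketched as follows. This is an added example, not WEDOS's code or rules; the vhost-prefixed log format, the thresholds, and every hostname, address and path in the sample are constructed assumptions.

```python
import re
from collections import defaultdict

# Assumed format: vhost-prefixed combined access log (adjust to your servers).
LINE = re.compile(r'(?P<site>\S+) (?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                  r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')

def parse(lines):
    """Yield (site, ip, path, status); malformed lines are skipped."""
    for line in lines:
        m = LINE.match(line)
        if m:
            yield m["site"], m["ip"], m["path"].split("?", 1)[0], int(m["status"])

def cross_site_probes(lines, per_site_max=2, min_sites=3, min_miss_ratio=0.8):
    """Paths that are quiet on every single site yet recur across many sites."""
    hits = defaultdict(lambda: defaultdict(int))  # path -> site -> requests
    misses = defaultdict(int)                     # path -> 4xx responses
    clients = defaultdict(set)                    # path -> source addresses
    for site, ip, path, status in parse(lines):
        hits[path][site] += 1
        clients[path].add(ip)
        misses[path] += int(400 <= status < 500)
    findings = []
    for path, per_site in hits.items():
        total = sum(per_site.values())
        if (len(per_site) >= min_sites
                and max(per_site.values()) <= per_site_max
                and misses[path] / total >= min_miss_ratio):
            findings.append({"path": path, "sites": len(per_site),
                             "requests": total, "clients": len(clients[path])})
    return sorted(findings, key=lambda f: -f["sites"])

def _line(site, ip, path, status):
    return f'{site} {ip} - - [10/Mar/2024:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512'

# Constructed sample: hostnames, addresses and paths are made up.
SAMPLE = [
    _line("shop-a.example", "198.51.100.10", "/", 200),
    _line("blog-b.example", "198.51.100.10", "/", 200),
    _line("shop-a.example", "203.0.113.5", "/old-plugin/readme.txt", 404),
    _line("blog-b.example", "203.0.113.5", "/old-plugin/readme.txt?v=1", 404),
    _line("wiki-c.example", "203.0.113.6", "/old-plugin/readme.txt", 404),
    _line("news-d.example", "203.0.113.7", "/old-plugin/readme.txt", 404),
    "truncated line without the expected fields",
] + [_line("blog-b.example", "198.51.100.20", "/favicon.ico", 404)] * 5

if __name__ == "__main__":
    for finding in cross_site_probes(SAMPLE):
        print(finding)
```

Each site in the sample sees the probed path once, which no per-site threshold would flag; only the merged view shows it on four sites from three addresses, while the noisy single-site 404 and ordinary traffic are ignored.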

With the rise of smart devices and smartphones, whose computing power and connectivity are growing every year, WEDOS is seeing attacks grow as well. They’re not just getting stronger, they’re getting smarter. They can better disguise themselves as real traffic. A few years ago, everyone was afraid of L3/L4 attacks, which can overwhelm the connectivity of an entire data center. Today, web attacks at L7 are indistinguishable from real traffic, which the data center is not able to look into. Specific websites go down when the attackers want them to. Owners are disconnecting international connectivity out of desperation.

Anyone can hack. An elementary school student can take down his school’s IT system.

When the war in Ukraine started, a large number of scripts just for L7 attacks became public. These are simple scripts that even a smart elementary school student can run and take down a whole school system. Those scripts are still available and have tens of thousands of downloads. It’s only a matter of time before they become a "normal" part of e-commerce competition.