18 Jun 24

The perfect storm

IoT toothbrush attack

It could be the title of a movie, but it isn’t. Let’s put ourselves in context:

It’s an ordinary summer morning: part of the team is on vacation and others have just returned. Everyone is working on their respective projects on a very quiet summer day. Suddenly, a screen turns red, too red. A colleague from the origin team raises her voice, saying “Something is happening on client X’s web servers”. And keep in mind that we call it “X” for confidentiality, not because we are providers of the well-known social network ;). At the same time, alerts are triggered on the team that manages the cybersecurity suite service, which quickly goes into action.

This client “X” has contracted the Origin service with Transparent Edge to improve performance and optimize delivery from its web infrastructure; it also has a delivery service.

What happened next is now history: more than 65,000 IPs blocked, more than 6.5 million requests withstood and around 500 Gbps served.

Although it was not fully proven, the evidence from the investigation we carried out during and after the attack seemed to indicate that part of the Mirai network, or an evolution of it, was being used to try to hijack our client’s website. The typology of the requests suggested that the attack was not directed against our infrastructure but against the client’s, using a targeted and sustained DDoS to try to achieve its objective.

It was a great victory for our team and the first of many to follow, as the cyberattack landscape tends to become more and more complicated and frequent. Detection in time was key and the reaction was impeccable.

Tora! Tora! Tora!

How does a DDoS work? To understand what a DDoS is, we are going to decipher the acronym:

Distributed, because it is a distributed attack.
Denial, because it seeks denial, saturating the attacked infrastructure.
of
Service, because it does not consist of denying for the sake of denying, but rather pursues the denial of the service of the attacked.

The simplest denial of service (DoS) attacks are carried out from a single location. More sophisticated attacks, on the other hand, use vulnerabilities, faulty configurations, or login settings that are too permissive to gain access to devices connected to the Internet and, from there, launch controlled attacks against targets. To do this, they rely on software previously installed on these devices, which remain infected until they are restarted.

These attacks require a high distribution capacity, so the attacker, once he has gained access to the device, launches the execution order from a control device so that all infected devices execute the software and carry out the attack in unison.

So when you hear a news story that says “Three million toothbrushes trigger a DDoS attack” (a story that was debunked shortly after it appeared), don’t think that someone has three million toothbrushes connected in an industrial warehouse, but that there are three million toothbrushes infected with software ready to connect from their owners’ bathrooms and carry out the attack.

Captains Courageous

At Transparent Edge we have tools and services that can help protect your web infrastructure from distributed denial of service attacks. By simply having our Delivery service, you introduce a computing and response capacity that allows you to deal with peaks in demand and that, to a large extent, will mitigate small attacks of this type.

For more sophisticated and distributed attacks, all of our Perimetrical cybersecurity suite customers take advantage of Transparent Edge’s dynamic fingerprinting tools, which take into account, among many other factors, things like browser attributes, hardware characteristics, network properties, or behavioral patterns, using adaptive algorithms that are resistant to evasion techniques. And best of all, all of this detection and mitigation is done at the edge, as far away from your infrastructure as possible.
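The following added example (not Transparent Edge's code) shows why a distributed flood calls for fingerprint-level aggregation: every source stays under a per-IP limit, yet requests sharing the same client traits stand out once grouped. The log fields, the three-attribute fingerprint and the thresholds are simplifying assumptions, and the sample data is constructed.

```python
from collections import defaultdict

def build_sample():
    """Constructed request window: (src_ip, user_agent, accept_language, path)."""
    reqs = []
    # 300 infected devices, 2 requests each, all with identical client traits
    for i in range(300):
        ip = f"10.0.{i // 250}.{i % 250 + 1}"
        reqs += [(ip, "Mozilla/5.0", "", "/login")] * 2
    # 20 ordinary visitors, 3 requests each, each with its own browser string
    for i in range(20):
        ip = f"192.0.2.{i + 1}"
        ua = f"Mozilla/5.0 (X11; Linux) Browser/{100 + i}"
        reqs += [(ip, ua, "en-US,en;q=0.9", p) for p in ("/", "/news", "/login")]
    return reqs

def per_ip_offenders(reqs, limit):
    """Classic rate limit: IPs with more than `limit` requests in the window."""
    counts = defaultdict(int)
    for ip, *_ in reqs:
        counts[ip] += 1
    return {ip for ip, n in counts.items() if n > limit}

def fingerprint(req):
    """Hypothetical fingerprint built only from traits visible in the log."""
    _, ua, lang, path = req
    return (ua, lang, path)

def fingerprint_offenders(reqs, min_requests, min_ips):
    """Fingerprints seen at high volume AND from many distinct sources."""
    hits, ips = defaultdict(int), defaultdict(set)
    for req in reqs:
        fp = fingerprint(req)
        hits[fp] += 1
        ips[fp].add(req[0])
    return {fp: ips[fp] for fp in hits
            if hits[fp] >= min_requests and len(ips[fp]) >= min_ips}

if __name__ == "__main__":
    sample = build_sample()
    print("per-IP offenders:", len(per_ip_offenders(sample, limit=10)))
    for fp, srcs in fingerprint_offenders(sample, 100, 50).items():
        print("fingerprint", fp, "seen from", len(srcs), "IPs")
```

Requiring many distinct sources per fingerprint keeps a single busy but legitimate client from being flagged; a production system would combine far more signals than the three used here.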

And we can do it for you, so you can focus on what really matters to your business and not have to worry about installing anything, since you have a team of experienced professionals at your side who, as Rudyard Kipling wrote in his book that gave rise to the film of the same name, “With only the impression of the wind in his face, he steered in all weathers, lending himself to the whims of the schooner…”