DDoS Attack : An ongoing threat

With the exponential growth of the volume of data transiting through the Web, Distributed-Denial-of-Service (DDoS) attacks are becoming increasingly frequent. And while 31 billion IoT devices are expected by 2020[1], the impact and consequences of DDoS attacks could be considerable in the future.

"DDoS attacks can take different forms - saturation of server bandwidth to make it unreachable or exhaustion of machine system resources, for example - but they always follow the same logic", explains Sébastien Grelot, Technology Team Leader Service Provider Networks at Telindus. "A DDoS attack is intended to render a server, service or infrastructure unavailable, thus preventing it from responding to legitimate traffic. These attacks are used not only for extortion purposes, but also for ideological or political reasons, or with malicious intent", he adds.

The years go by, but the threat remains

This type of attack is not only one of the most common (ranking just behind malware in terms of the number of cases recorded), it also becomes more accessible, less expensive and less risky, as pointed out in the latest edition of Europol's report on organized cybercrime[2].

According to the European criminal police agency, it is now very easy for unskilled individuals to obtain the necessary tools and launch large-scale DDoS attacks. The Europol report also identifies the availability of booter and stresser on-demand services as a major contributing factor to the increasing number of cases dealt with by law enforcement services.

New attack vectors appear regularly. Since its emergence in 2016, Mirai has made several media appearances. Under this name, we find a malware that was used to infect hundreds of thousands of connected IoT devices to coordinate devastating DDoS attacks on various targets through the botnet thus formed. Since then, the creators of the original Mirai program have been imprisoned, but variants of the malware are still active.

Alerting the businesses

"All of these factors pose a growing risk to businesses and, in particular, to the availability of their services, whether it be a web banking site, an e-commerce platform, or an online gaming site", says Sébastien Grelot. "Organizations are not sufficiently aware of this fact, and that is why our primary concern is to educate our customers about the business risks posed by DDoS attacks and the need for an effective defense system", he adds.

The real-time protection solution against volumetric DDoS attacks proposed by Telindus is based on a continuous traffic monitoring service. "During a DDoS attack, a multitude of requests is sent simultaneously from multiple points of the Web. It is the intensity of this 'bombing' that makes the service unstable or unavailable," says Sébastien Grelot. "The efforts of our experts consist in analyzing all packages rapidly and in real time, diverting -  if necessary - the incoming traffic towards a scrubbing center hosted in Telindus infrastructures and separating the non-legitimate elements from the rest of the flow to redirect the legitimate traffic to its final destination, the company's website, for example."

A personalized approach

The team in charge of DDoS protection is composed of a dozen experts reporting to the Telindus Connectivity Department. "It is important to have skills in both IT and telecom to comprehensively address the different facets of this issue. Our customers themselves emphasize the relevance of this dual competence", says Sébastien Grelot. "The same team is in charge of implementing both Internet connectivity and DDOS protection which can therefore be taken into account right from the start."

"Our customers also tell us that they value the personalized support they receive from Telindus. By helping companies establish a tailored DDoS mitigation strategy, from the development of mitigation scenarios, to the regular review of procedures, through continuous traffic monitoring, we enable them to benefit from a simple, effective, and scalable protection solution."

[1] Statista, Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025
[2] Europol, The 2018 Internet Organised Crime Threat Assessment, IOCTA 2018