The Akamai Blog

Mitigating DD4BC DDoS attacks in Australia and New Zealand

The past fortnight has been a hectic period for Akamai's security teams in Australia and New Zealand. We've been approached by a number of financial organisations, and large and medium-sized businesses, to help mitigate DDoS threats from DD4BC. If you're not familiar with DD4BC, here is an updated writeup on their extortion attempts by Bill Brenner.

The problem of DDoS is very real and extremely difficult for a single organisation to mitigate by itself. Even carriers and hosting companies that have multiple gigabits of bandwidth are struggling to fend off these attacks. The reason is that you need to have more resources at your disposal to fend off the attack than the attackers can throw at you. With the going rate for a DDoS attack pegged at around $50-100 per hour, the cost of entry for the attacker is very low, but having hundreds of gigabits available to fend off an attack is cost-prohibitive, even for the biggest financial institutions in the world.

The best way to get rid of these attacks is to block attacks as far away as possible from the asset you are trying to protect, in other words, as close to the attacker as possible.

A good analogy is getting through security checks when you depart Australia for the United States. You get to the airport, check in and then go through customs and immigration. When you get called to the gate for boarding, there is an additional layer of security checking that doesn't seem to be at any other gate. Here they will check your passport, your visa, your shoes and your carry-on luggage. This third layer of security checks is not conducted by the Australian government, but by the United States government, to stop criminals before they get on the plane. This dramatically increases the efficiency of U.S. customs and border protection at the end point in the U.S. and makes the process much more efficient for all involved.

This is exactly how Akamai's Cloud Security products provide protection for Australia and New Zealand's leading websites, and some of the world's largest banks. Akamai delivers between 15 and 30% of the world's Internet traffic on any given day. We block billions of attacks a day targeting the world's largest online platforms. The combination of these capabilities puts Akamai in a unique position.

Akamai protects against any form of attack (application layer and DDoS) on the customer's fully qualified domain name or hostname, by using the world's largest distributed computing platform, Akamai's content delivery network (CDN). It includes the market-leading Web Application Firewall (WAF) to block SQL injection, XSS, etc., and Site Shield to cloak the origin servers from the Internet.

DNS is often overlooked when securing an online investment. Akamai can ensure that DNS is always available. Attackers understand that manipulating DNS is one of the easiest ways to bring down a website.

To ensure that your online presence is always available, the three foundational pillars of DNS, Application and Infrastructure must be always available. By offering 100% availability SLAs on the CDN and DNS and the fastest time-to-mitigate SLAs, Akamai has the best solution in the market today to ensure your online applications never go offline.

It's unfortunate that we see the majority of the DDoS attacks originate from IaaS providers today. This is not because the IaaS vendors are attacking us, but because the virtual instances hosted there are being compromised: they are so easily spun up, and the owners typically don't patch the OS or the application. So the attackers are constantly looking for these very well connected and well-endowed servers to compromise and add to their botnet harem for remote control.

It's best to plan protection mechanisms before you get attacked. However, if you do receive a letter from DD4BC or you are experiencing volumetric or application layer attacks, please feel free to reach out to us, and we can help remove these risks for you.