Picture this - you arrive to your office early in the morning to finalize your back to school promotions so you can move on to your holiday marketing plans. As you are busily trying to answer emails, you came across an ominous message explaining to you that if you don't pay 40 Bitcoins, a group you've never heard of would knock your site offline in 24 hours with a powerful distributed denial of service (DDoS) attack. A DDoS attack can be carried out in many different ways but at the most basic, it is executed by flooding a website with more traffic or requests than the infrastructure can handle - thus taking it offline for legitimate customers. It may sound like the plot to a movie but unfortunately it's a reality. Check out our coverage of the DD4BC operation here.
The Commerce industry continues to see an increase in attacks of this nature. Here at Akamai, we saw that DDoS attack activity set a new record in Q2 2015, increasing 132 percent compared to Q2 2014 and increasing 7 percent compared to Q1 2015. You can view all the state of the Internet stats here. In fact, the retail vertical is one of the top targets for attack traffic on the Akamai platform. Cybercriminals continue to target the innocent victims by attempting to taking down a retailer's site, which can also have significant financial impacts by compelling some victims to pay in the hopes that extortionist move on. According to the findings conducted by Ponemon Institute, Web application security is considered equally critical or more critical than other security issues faced by organizations, and incidents are increasingly more common. As such, respondents believe Web application attacks have cost their organizations approximately $3.1 million in the past 12 months alone. A recent Forrester article also stated that Fortune 1000 companies stand to lose up to $2.5 billion a year due to unplanned outages.
While being unable to serve customers and sell items will directly impact a retailer's bottom line, there is also the far-reaching damage to the brand and customer loyalty. In a recent study by Akamai, one in five consumers said they wouldn't return to a site they have had problems with. Often consumers do not understand the difference between the many types of attacks, including DDoS, site defacement or theft of personal data. If a site is unavailable because of an attack, a company runs the risk of losing consumer confidence in the retailer's ability to protect their data resulting in a loss of perceived brand value.
Even though IT organizations attempt to avoid single points of failure as often as possible, there are some things beyond their control. This includes the number of physical co-locations, available bandwidth and scalability of appliances. These bottlenecks in the systems are what DDoS attackers target and overwhelm.
By extending security beyond the datacenter, Kona Site Defender thwarts DDoS attacks by deflecting network-layer DDoS traffic and absorbing application-layer DDoS traffic at the network edge. Mitigation capabilities are implemented natively in-path to protect against attacks in the cloud before they reach the customer origin. Kona Site Defender also incorporates a highly scalable Web Application Firewall (WAF) that protects against application-layer attacks in HTTP and HTPS traffic, such as SQL injections and cross-site scripting (XSS). The key is stopping the attack traffic in the cloud, but still allowing customer traffic to keep flowing to your site - this removes the potential attack vectors that act as bottlenecks such as your datacenter bandwidth, routers, firewalls or web servers.
Kona can be used in conjunction with Prolexic Routed to protect entire IP subnets, including all web and IP-based applications within those subnets, any supporting network and data center infrastructure and the network bandwidth into data centers. Prolexic Routed leverages the Border Gateway Protocol (BGP) to route all of an organization's network traffic through Akamai's globally distributed scrubbing centers. Within each scrubbing center, Akamai SOC staffs then inspect the network traffic for potential DDoS attack vectors, drop detected attack traffic and only forward clean traffic to the application origin. Built on a global network with more than 2 Tbps of dedicated capacity today, Prolexic Routed protects many of the world's largest Internet-facing organizations from the largest known and most sophisticated DDoS attacks.
So before the holidays make sure you have a plan in place and that your IT security playbook is prepared in the event of an attack.
Jason Miller is Akamai's Chief Strategist of Commerce.