Akamai Diversity

Recently by John Ellis

No holidays for cybercriminals

This year marks the 10th anniversary of the Great Singapore Sale (GSS). Over the years, we have seen how the annual event has evolved - from expanding into the heartlands to retailers moving online, attracting more customers.

Shopping has long been recognised as a national pastime for Singaporeans, with eCommerce fast becoming a norm. PayPal observed a 12% year-on-year increase in purchases made by online shoppers in Singapore during the year-end holidays of 2013, largely driven by Singaporeans attracted to overseas sale seasons like Black Friday in America and the Chinese New Year sales in China.

DDoS, as simple as your ABCs

DDoS toolkits and DDoS-for-hire services, combined with some bitcoins, an anonymous email address, a Tor connection and a sense of purpose, have made it trivial for individuals, hacktivist collectives and cybercriminals to launch an effective DDoS attack.

SSL, could this be your Achilles heel?

Have you embraced SSL/TLS to protect the sensitive parts of your website and used client certificates to authenticate connecting parties? If so, this new layer of security may expose you to a whole new set of threats - Distributed Denial of Service (DDoS) and application layer attacks over SSL.

Many people still think DDoS is all about volume. At Akamai we are saying (and seeing) that resource starvation attacks will become more and more prevalent as attackers realise that they can do the same amount of damage, or more, with far less computing power. To defend against them, you as a security professional need to think differently.

The reality is that a small but well-organised DDoS attack targeting both encrypted and unencrypted web content can easily exceed 3-4 Gbps of sustained traffic. That volume will knock most organisations off the air. And even when an attack is not volumetric, application-layer attacks can exhaust back-end resources (CPU, memory, connection tables) long before your network bandwidth is saturated.

For reference, the largest DDoS attack ever recorded was 124 Gbps, against a US government website in July 2009.

An emerging trend is for attackers to target the SSL handshake itself, forcing the server into the expensive private-key operations over and over until it starves for CPU. A server will typically spend around 15x more computing resources completing an SSL negotiation than the client that initiated it. That asymmetry hands the attacker a considerable economic advantage: every cheap handshake (or client-initiated renegotiation) the attacker sends is a force multiplier against the server.