Evernote, Feedly, and 5 Lessons From Recent DDoS Attacks

June 24

Distributed Denial of Service (DDoS) attacks are nowhere near as sexy as annoyances like the infamous Heartbleed bug wreaking havoc on the internet community. However, they represent what is arguably the biggest threat to any business operating online. By recruiting an army of enslaved “zombie” computers, a DDoS attack can easily bring a website, app, server, or entire network to its knees with a flood of traffic requests. Its effectiveness is alarming and, judging from all the recent activity, occurrences are on the rise.

Early this month, note-taking app Evernote reported that it had been victimized by a DDoS attack. The app was out of commission for approximately 10 hours and as a result, users had to deal with data syncing issues. Cloud security vendor Incapsula suggested that one of its clients, an online gambling site, was hit even harder. According to the firm, the victimized site was blasted with an array of different DDoS attacks peaking at a blazing 100 gigabits per second. Perhaps the most interesting of these strikes was the attack on RSS feed reading service Feedly.

Feedly was the victim of both a DDoS attack and attempted extortion. It sounds like something straight out of a mafia flick, but a rep from the company said that the perpetrators were demanding money to halt the attack. Project management software creator Basecamp reported a similar incident earlier this year. Instead of giving in to the demands, Feedly contacted its network partners to mitigate the problem and, in concert with victims of the same attackers, consulted with law enforcement.

Like many of today’s most nightmarish security threats, DDoS attacks are fueled by malware. An attacker may use a piece of malicious software such as a Trojan horse that compromises a single computer, then goes on to program hundreds or thousands of other machines to do its dirty bidding. And like most threats, these attacks thrive on exploiting holes in existing IT infrastructures. In fact, flaws in your website or operating system could have you unknowingly participating in a strike against someone else.

Takeaways for Online Businesses

The recent wave of DDoS attacks should put online businesses on notice, especially those with a strong presence in their respective markets. Here are some important lessons to take away from these latest disturbances.

1. Attacks are Stronger

The onslaught Incapsula fought off shows just how advanced DDoS attacks have become. This particular attack involved five different techniques: a SYN flood, large SYN flood, DNS flood, DNS amplification, and NTP amplification. These so-called “multi-vector” attacks are not only more effective, they’re becoming more common. Incapsula found that roughly 81 percent of DDoS attacks are of the multi-vector variety.

2. Revenues and Reputations are at Stake

A DDoS attack can go far beyond being a nuisance when the user base is affected. Just think about what could happen if your online store goes down to one of these things. Right off the bat, you stand to miss out on countless dollars due to lost sales. Even once everything is back up and running, people who buy stuff from you will start to wonder if their credit card information and personal details are safe when they make the next purchase. No matter how you spin it, you may lose some of their trust.

3. Traditional Protection Isn’t Enough

Traditionally, businesses have used a combination of firewalls and intrusion detection systems as a form of DDoS protection. These methods are proving less effective as attacks become more advanced. When well over 80 percent of your activity is malicious traffic, measures that work fairly well against other attacks cave with relative ease. Attacks have evolved. IT security strategies must evolve in order to mitigate them as best as possible.

4. Small Businesses Aren’t Big Targets, But are Most Vulnerable

When DDoS attacks get media attention, we’re typically hearing about banks, tech companies, or other well-known entities taking a hit. It’s rarely the site for a local plumbing company or niche developers forum making the news. If you’re a small business, your chances of being targeted may be slimmer than those of a globally renowned brand, but that doesn’t necessarily mean you’re in the clear. The fact that smaller companies lack those large corporate budgets needed to build out a viable DDoS protection strategy in-house makes them vulnerable to the simplest of attacks.

5. Multi-layered Protection is Needed

As for the best way to fend off a DDoS attack in 2014, a holistic approach looks to be the best solution. Since the tandem of firewall and intrusion detection software has been rendered insufficient, organizations need an even more diverse mix to keep these strikes at bay. Security experts recommend a multi-layered DDoS protection strategy, which may blend traditional methods with third-party solutions and seasoned mitigation specialists who respond in a timely fashion on the heels of an attack.

What’s really scary about the whole DDoS dilemma is the very nature of the internet itself. With the convenient access it offers to high-performance servers, hordes of bandwidth, and valuable insights on targeted corporate networks, modern-day attackers have all the resources needed to disrupt entire industries with a capable tool that grows more destructive by the year. You may think all your moderate success is flying under the radar, but if you have something to lose, DDoS protection should be covered in your IT security plans.
