According to a PwC report, cyber attacks account for 29% of all economic crimes. As “ITFocus” research has revealed, one of the key challenges that Polish data centers face is ensuring cybersecurity. Protection against cyber attacks is a natural extension of the connectivity services provided by data centers.
Among the most common attacks are DDoS (Distributed Denial of Service) attacks, which paralyse a computer network or system by sending a large number of requests. The typical signs of such an attack include longer web page display time, more spam, network/service access denial, worse network performance, or more help desk requests.
Cyber attacks have evolved a lot over recent years. Today they are multidimensional, affecting both networks and applications, with greater reach and bandwidth, using e.g. open DNS servers. Cyber criminals very often use easily available tools and botnets, i.e. networks of computers infected with bots. The total computing power (and generated traffic) of botnets can be considerable, which is why effective countermeasures at this scale are becoming increasingly difficult. Technologically advanced solutions are required not only to fend off cyber attacks, but most importantly to capture threats and effectively protect websites, networks, and applications.
The effectiveness of modern anti-DDoS solutions relies mostly on machine learning techniques. Intelligent algorithms analyse network traffic between users and web applications in detail. Following the analysis, the typical dynamic characteristics of network traffic are defined, allowing detection of all anomalies while at the same time minimising the risk of false alarms. Intelligent algorithms are also used to analyse user-generated requests. Machine learning algorithms help stay one step ahead of cyber criminals and detect even those attack techniques which haven’t been used yet (so-called 0-day vulnerabilities).
In order to protect your business effectively against cyber attacks, it’s recommended to have a comprehensive security strategy and use services provided by a professional supplier. There are a few leading DDoS protection suppliers using modern technologies and world-class experts. Activating such protection usually takes several minutes and requires no changes from the customer to the application, apart from DNS records. Once the protection is active, the entire HTTP/HTTPS web traffic goes through a filter layer, where each packet and request is verified in detail. Another important measure is real-time website security monitoring. Using real-time data, customers can set up each security policy very precisely and make strategic decisions based on real, current data.
Very often a DDoS attack is only a smoke screen to hide more serious crimes, such as stealing sensitive data or intellectual property (unique content, copyrighted pictures). In order to protect against such incidents, we use a Web Application Firewall (WAF) adapted to detecting typical web crawlers, both good ones, which are harmless, and those scanning websites in order to copy content (e.g. Scrapy, Nutch, Surveybot). Bad bots are eliminated using statically defined rules tailored to the protected application, or using reputation and user behaviour testing algorithms. This enables monitoring of the application for any anomalies and non-standard user behaviour, letting the WAF effectively block attempts at scanning the entire service, e.g. to steal content. Suspicious activity can be prevented or minimised by limiting unauthorised access to confidential data (credit card numbers, passwords), making it impossible for malicious bots to steal intellectual property.
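As an added illustration (not the provider's WAF and not code from the original article), the sketch below applies the two approaches described above, a static User-Agent rule for the named crawlers and a behavioural check for site-wide scanning, to constructed log entries. The thresholds, the record layout and the addresses are assumptions chosen for the example.

```python
import re
from collections import defaultdict

# Static rule: User-Agent substrings of the content-copying crawlers named above.
SCRAPER_UA = re.compile(r"scrapy|nutch|surveybot", re.IGNORECASE)
# Behaviour rule (assumed policy): distinct pages one client may fetch per window.
MAX_DISTINCT_PATHS = 5
WINDOW_SECONDS = 60

# Constructed sample records: (epoch seconds, client IP, path, User-Agent).
BROWSER = "Mozilla/5.0 (X11; Linux x86_64) Firefox/125.0"
SAMPLE_LOG = (
    # Crawler that announces itself in the User-Agent header.
    [(1000, "198.51.100.7", "/gallery/1", "Scrapy/2.11 (+https://scrapy.org)")]
    # Client with a browser User-Agent walking through articles every 2 seconds.
    + [(1000 + 2 * i, "203.0.113.20", f"/article/{i}", BROWSER) for i in range(8)]
    # Ordinary visitor reading three pages, 90 seconds apart.
    + [(1000 + 90 * i, "192.0.2.15", f"/article/{i}", BROWSER) for i in range(3)]
)


def classify(requests):
    """Return {client_ip: reason} for clients the two rules would block."""
    verdicts = {}
    history = defaultdict(list)  # ip -> [(timestamp, path), ...]
    for ts, ip, path, user_agent in sorted(requests):
        if SCRAPER_UA.search(user_agent):
            verdicts.setdefault(ip, "static-rule: scraper user agent")
            continue
        history[ip].append((ts, path))
        # Drop entries that fell out of the sliding window, then count pages.
        history[ip] = [(t, p) for t, p in history[ip] if ts - t < WINDOW_SECONDS]
        distinct = {p for _, p in history[ip]}
        if len(distinct) > MAX_DISTINCT_PATHS:
            verdicts.setdefault(ip, "behaviour: site-wide scan rate")
    return verdicts


if __name__ == "__main__":
    for ip, reason in classify(SAMPLE_LOG).items():
        print(f"block {ip}: {reason}")
```

The second client shows why the behavioural check matters: its User-Agent looks like a browser, so only the request pattern gives it away.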
Other points of vulnerability have been opened up by the Internet of Things (IoT). IoT covers the online equipment and services we use every day. Unfortunately, along with our comfort come many risks. Smart devices introduced on the market are user-friendly, well designed and have interesting functionalities, yet they are still poorly protected. Users aren’t aware of the risks they carry, either. Experts predict that attacks targeting such devices are going to increase. Hacked domestic devices can be a source of valuable data for cyber criminals (account numbers, online banking passwords). In order to guarantee a high level of security for our data, we need to protect it and systematically update our software.