DDoS (Distributed Denial-of-Service) attacks on SSL-secured services are on the rise and becoming increasingly aggressive – no wonder, therefore, that they are getting more and more attention as anxieties rise.
The upshot, when it comes to social media in particular, is that high-profile services have rushed to embrace SSL (Secure Sockets Layer) at its highest level, so as to improve security and address privacy concerns, while protecting transactions and services. After all, none of them wants to be the site that reveals your most personal details to hackers.
If you’re not yet fully familiar with DDoS attacks and their implications, it’s worth knowing the kinds of havoc they can cause and why those extreme levels of protection need to be in place. So here’s a quick overview that may help you to avoid suffering a denial of service in your own workplace.
In a typical DDoS attack, a hacker (or cracker) tracks down and latches on to a vulnerability in one of your computer systems, making it the DDoS master. It is from here that the interloper identifies and communicates with other systems that can be lured into the fold.
“The intruder loads cracking tools that are freely available on the Internet on multiple – sometimes thousands of – compromised systems,” states Margaret Rouse, who writes for and manages WhatIs.com, TechTarget’s IT encyclopaedia and learning centre (http://whatis.techtarget.com). “With a single command, the intruder instructs the controlled machines to launch one of many ‘flood attacks’ against a specified target. The inundation of packets to the target causes a denial of service.”
While the media tend to focus on the target of DDoS attacks as the victim, in reality there are many victims in a DDoS attack – the final target and also the systems controlled by the intruder. “Although the owners of co-opted computers are typically unaware that their computers have been compromised, they are nevertheless likely to suffer degradation of service and malfunction,” she points out. “Both owners and users of targeted sites are affected by a denial of service.”
So what’s the answer when it comes to ensuring you have the right protection to ward off such attacks? First off, service providers need to make sure they put DDoS protection at the data centre edge – in front of the DDoS attack surface and as invisible as possible – not part of the attack surface itself, advises Rouse. Also, they must operate multiple levels of detection, using individual host behaviour, aggregate behaviour of multiple hosts, known signatures and attributes of botnet traffic, IP location etc.
They should have multiple levels of mitigation, too. Finally, automate as much as possible, provide manual controls and report on what is going on (where traffic is coming from/going to, what’s requested, rates, what was blocked/passed).
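The layered detection and reporting described above, sketched as an added example that is not from the original article. The thresholds, the `floodbot/1.0` signature and the sample events are all constructed assumptions; the point is that a per-host limit alone misses a flood spread thinly across many sources, which the signature and aggregate levels catch.

```python
from collections import Counter, defaultdict

# Assumed values for illustration only; tune against your own baseline.
PER_HOST_LIMIT = 5              # requests allowed per source per 1 s window
AGGREGATE_LIMIT = 12            # total requests per window before alarming
BAD_AGENTS = {"floodbot/1.0"}   # hypothetical known-botnet signature

def make_sample():
    """Constructed events: (second, source IP, user agent, path)."""
    events = [(0, ip, "browser", "/login")
              for ip in ("198.51.100.1", "198.51.100.2", "198.51.100.3")]
    # Second 1: a single source exceeds the per-host limit.
    events += [(1, "203.0.113.9", "browser", "/login")] * 8
    events.append((1, "198.51.100.1", "browser", "/"))
    # Second 2: 14 sources, one request each; half carry the bot signature.
    for i in range(14):
        agent = "floodbot/1.0" if i % 2 == 0 else "browser"
        events.append((2, f"192.0.2.{i}", agent, "/login"))
    return events

def analyse(events):
    """Apply signature, per-host and aggregate checks; return a per-window report."""
    windows = defaultdict(list)
    for ev in events:
        windows[ev[0]].append(ev)
    report = {}
    for second, evs in sorted(windows.items()):
        seen, blocked, passed = Counter(), Counter(), 0
        for _, ip, agent, _ in evs:
            seen[ip] += 1
            if agent in BAD_AGENTS:               # level 1: known signature
                blocked["signature"] += 1
            elif seen[ip] > PER_HOST_LIMIT:       # level 2: individual host rate
                blocked["host_rate"] += 1
            else:
                passed += 1
        report[second] = {
            "total": len(evs),
            # level 3: aggregate rate; fires even when no single host is noisy
            "aggregate_alarm": len(evs) > AGGREGATE_LIMIT,
            "top_source": seen.most_common(1)[0],
            "top_path": Counter(p for *_, p in evs).most_common(1)[0][0],
            "blocked": dict(blocked),
            "passed": passed,
        }
    return report

if __name__ == "__main__":
    for second, row in analyse(make_sample()).items():
        print(second, row)
```
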
Make no mistake about it, this is war – but one that’s unlikely to have an ending. There will be no truce offered to you by the assailants. SSL will protect social media site users, but service providers have to use it to its maximum capacity and efficiency, and remain constantly vigilant and proactive, if they are to keep the would-be intruders at bay and you protected.