The latest and greatest from Sungard AS



Business Disruption

DDoS mitigation: Your chance to fight back

5th August 2014

A new report shows that the number of Distributed Denial of Service (DDoS) attacks skyrocketed by 18% in the first quarter of 2014.

With such attacks becoming increasingly prevalent across all industry sectors, DDoS mitigation is no longer a ‘nice to have’ but a business essential.

This vital service can make the difference between being available to do business or being taken ‘off air’ – without any warning – for minutes, hours or even days. If the web is a key revenue-generating source for your organisation, the cost of downtime following a DDoS attack can quickly escalate to six or seven figures.

New type of DDoS attack

This year has seen the surge of a relatively new variation of DDoS threat: ‘reflection’ and ‘amplification’ attacks. These target what’s known as Layer 3 and Layer 4 in an organisation’s IT infrastructure – in other words, the networking protocols used to send messages between servers over the internet.

The strikes essentially involve requesting small data ‘packets’  (chunks of information) that trigger the return of large responses – thus magnifying the scale of the attack and causing the cyber equivalent of a traffic jam. Worse still, the affected servers can then be commandeered to participate in DDoS attacks on others.

DNS overload

The same ‘information overload’ technique can be used with Domain Name Systems (DNS). The attacker spoofs the source address with the address they wish to attack and issues many thousands of look-up requests to DNS servers. Through various commands, the attacker turns a small DNS query into a much larger payload – designed to flood the target network and bring it to a standstill.

Help is at hand

Through our partnership with the respected UK-based specialist RedSpam, Sungard AS offers a proven DDoS mitigation service to protect our customers against this potentially devastating threat. We employ over 30 different techniques to deliver custom mitigation templates tailored to each client and threat level.

Firstly, we profile your IT estate to build a picture of normal use, so we can identify within minutes when an attack is underway. At the first sign of unusual activity patterns we automatically divert internet traffic to a clearing house where it’s scrubbed clean before being re-routed back to you. This cleansing process causes virtually no delay but has proven extremely effective in thwarting attacks.

If you’re concerned your organisation could be vulnerable, please contact your account manager or email to find out more.