
Cyber Security Overview


Introduction

The World Wide Web has become a dangerous place over the years, with cyber-attacks becoming more common and more sophisticated. Large organizations and even the federal government have felt the sting of numerous attacks in the recent past.

“State-of-the-art” defence systems have been penetrated, forcing many to re-evaluate their supposedly secure environments. Organizations are increasingly depending on the availability of their services and on their ability to securely connect to the Internet. Downtime results in immediate revenue loss and in potentially tarnishing the brand.

Leaseweb provides agile and efficient network-wide protection against the full spectrum of cyber security attacks, including challenging multi-vector attacks, which combine high-rate volumetric or network protocol attacks with more sophisticated application attacks.

Cyberattacks can target either your IPs or your domains, probing for the weakest link in your defence system in an attempt to bring down your service or cause a data breach.

The impact of such an attack can be far greater than the expense of mitigation or the loss of sales revenue from a compromised web property. These attacks can severely impact trust and brand loyalty, with long-term implications.

Types of DDoS attacks

DDoS attacks can be carried out in different ways (attack vectors), but an attack vector will fall into one of three categories: volumetric (Layer 3), protocol based (Layer 4) or application (Layer 7).

Within these categories, the actual attack vectors being used are evolving continuously. Innovation is accelerating, with new and more complex attacks and tools targeting either your domain or your IP address. The different attack vectors are explained in more detail below.

Volumetric (Layer 3) attacks

Attackers attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are about causing congestion by flooding a network interface with attack traffic in order to overwhelm its resources and deny it the ability to respond to legitimate traffic.

Attacks are measured in bits per second (bps), and common attacks include UDP and ICMP floods.

Protocol based (Layer 4) attacks

Attackers attempt to drain resources by sending open requests with (spoofed) IP addresses, saturating the connection state tables of the victim to the point where it cannot respond to legitimate requests. Even high-capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.

Common attacks include anomalous TCP flag combinations (no flag, SYN/FIN, SYN frag, LAND attack), Ping of Death and POODLE attack, and are all measured in packets per second (PPS).
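As an added example (not Leaseweb's code and not part of the original page), the Python below shows how a detector could label the anomalous TCP flag combinations listed above by inspecting raw IPv4 and TCP headers. The function names, label strings and sample packets are assumptions constructed for illustration.

```python
import socket
import struct
from collections import Counter

FIN, SYN = 0x01, 0x02

def classify_packet(pkt: bytes) -> list:
    """Return anomaly labels for one raw IPv4 packet (empty list if none apply)."""
    if len(pkt) < 20:
        return []
    ver_ihl, _, _, _, frag, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or proto != socket.IPPROTO_TCP or ihl < 20:
        return []
    # Only the first fragment (offset 0) carries the TCP header.
    if frag & 0x1FFF or len(pkt) < ihl + 14:
        return []
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    flags = pkt[ihl + 13] & 0x3F  # FIN, SYN, RST, PSH, ACK, URG
    labels = []
    if flags == 0:
        labels.append("no-flag")
    if flags & SYN and flags & FIN:
        labels.append("syn-fin")
    if flags & SYN and frag & 0x2000:  # SYN with "more fragments" set
        labels.append("syn-frag")
    if flags & SYN and src == dst and sport == dport:
        labels.append("land")
    return labels

def build_packet(src, dst, sport, dport, flags, more_fragments=False) -> bytes:
    """Constructed test input: 20-byte IPv4 + 20-byte TCP header, checksums left 0."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0x2000 if more_fragments else 0,
                     64, socket.IPPROTO_TCP, 0, socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    return ip + tcp

def summarize(packets) -> Counter:
    """Count anomaly labels across a list of raw packets."""
    return Counter(label for p in packets for label in classify_packet(p))

# Constructed sample capture using documentation address ranges.
SAMPLE = [
    build_packet("198.51.100.7", "192.0.2.10", 40000, 443, 0x02),        # normal SYN
    build_packet("198.51.100.7", "192.0.2.10", 40001, 443, 0x00),        # no flag
    build_packet("198.51.100.8", "192.0.2.10", 40002, 443, 0x03),        # SYN/FIN
    build_packet("198.51.100.9", "192.0.2.10", 40003, 443, 0x02, True),  # SYN frag
    build_packet("192.0.2.10", "192.0.2.10", 443, 443, 0x02),            # LAND
]
```

Counting these labels per second over live traffic gives the packets-per-second view in which this category of attack is measured.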

Application (Layer 7) attacks

Attackers attempt to bring down a service by sending seemingly harmless requests commonly using HTTP or DNS. These attacks are slow and stealthy but can be very effective in bringing down your service with as few as one attacking machine generating a low traffic rate.

Common attacks include Slowloris, Apache killer and HTTP floods. Attacks are measured in requests per second.

Our advantages include

  • 24/7 Security Operation Center manned by Cybersecurity experts.
  • Best-in-class cloud-based and dedicated solutions with customizable and configurable rule sets, so you can adjust your security posture, monitor suspicious traffic and respond to threats with ease.
  • With over 30 PoPs around the world and strategically positioned mitigation and scrubbing centers, we keep your IP-based service and website free from DDoS attacks.

Cybersecurity Portfolio

Our Cybersecurity portfolio provides different types of DDoS IP Protection services. Our services are built on a combination of in-house knowledge, in-house development, specialized partners and recognized leading technology.

Main features of DDoS IP protection

  • Designed to protect your services against all types of DDoS attacks
  • Large multi-path ingress capacity
  • Network perimeter anomaly and attack detection
  • Profile based mitigation (throttling, scrubbing, null-routing)
  • Automatic on-demand or always-on scrubbing
  • Automated Email alerts
  • DDoS IP protection “Standard” is included with the service
  • “Always-on” and “Customized” options for advanced DDoS IP Protection
  • Managed service with 24×7 Security Operations Center for “Customized” and “Always-on”

These services will protect your IP addresses against volumetric, protocol based and some types of application layer attacks, using a combination of border router filtering, anomaly detectors and scrubbing centers (see DDoS IP Protection services).

If you want to learn more about this product, please refer to our product page: DDOS IP Protection