The worldwide web has become a dangerous place over the years, with cyber-attacks becoming common, and more sophisticated. Large organizations and even the federal government have felt the sting of numerous attacks in recent past.
“State-of-the-art” defense systems have been penetrated, forcing many to re-evaluate their supposedly secure environments. Organizations are increasingly depending on the availability of their services, and on their ability to securely connect to the Internet. Downtime results in immediate revenue loss and in potentially tarnishing the brand.
Leaseweb provides an agile and efficient, network-wide protection against the full spectrum of Cyber security attacks, including the challenging multi-vector attacks, which use a combination of high rate volumetric or network protocol attacks, and more sophisticated application attacks.
Cyberattacks can target either your IP’s or Domains trying to find the weakest link in your defense system, attempting to bring down your service or to create a data breach.
The impact of such an attack can be way more than the expense of mitigation or the loss of sales revenue from a compromised web property. These attacks can severely impact trust and brand loyalty with long term implications.
Types of DDoS attacks
DDoS attacks can be carried out in different ways (attack vectors), but an attack vector will be one of the following three categories:
Within these categories, the actual attack vectors being used are evolving continuously. There is an acceleration of innovation with new and more complex attacks and tools. Targeting either your domain or IP address. Below we will explain in more detail about the different attack vectors:
Volumetric (Layer 3) attacks
Attackers attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are about causing congestion by flooding a network interface with attack traffic in order to overwhelm its resources and deny it the ability to respond to legitimate traffic.
Attacks are measured in bits per second (bps), and common attacks include UDP and ICMP floods.
Protocol based (Layer 4) attacks
Attackers attempt to drain resources by sending open requests, with (spoofed) IP addresses, saturating the connection state tables of the victim to a point when they cannot respond to legitimate requests. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.
Common attacks include Anomalous TCP flag combinations (no flag, SYN/FIN, SYN frag, LAND attack), Ping of Death and POODLE attack, and are all measured in packets per second (pps).
Application (Layer 7) attacks
Attackers attempt to bring down a service by sending seemingly harmless requests commonly using HTTP or DNS. These attacks are slow and stealthy but can be very effective in bringing down your service with as few as one attacking machine generating a low traffic rate.
Common attacks include Slowloris, Apache killer and HTTP floods. Attacks are measured in requests per second
Advantages of Leaseweb
Preventing an attack is far less expensive than recovering from it, so the right solution is important, and with Leaseweb, we have the knowledge, technology and services to protect your business.
Our advantages include:
- 24/7 Security Operation Center manned by Cybersecurity experts and registered ethical hackers with at least 10 years of battle-tested experience.
- Best-in-class cloud-based and dedicated solutions with customizable and configurable rule sets, you can adjust your security posture, monitor suspicious traffic and respond to threats with ease.
- Over 30 PoPs around the world and, with strategically positioned mitigation and scrubbing centers, we keep your IP based service and web site free from DDoS attacks.
- Our Security Operation Center is manned by experienced Cybersecurity experts and registered ethical hackers with over 200 years of collective experience. The best talent in Cybersecurity is at your fingertips.
Leaseweb Cybersecurity portfolio offers you the right solutions to protect your on-line services against the full spectrum of Cyber security threats.
Our Cybersecurity portfolio includes Domain protection services and DDoS IP Protection services accompanied by professional services (consulting, customized protection design, 24x7 SOC). Our services are built on a combination of in-house knowledge, in-house development, specialized partners and recognized leading technology.
Main features of Domain protection
- Mitigating complex application layer attacks using sophisticated algorithms
- Cloud based best-in-class web application security platform
- Globally distributed architecture with strategically distributed SuperPoPs
- Dashboards and reports
- White-glove managed service with 24x7 Security Operations Center
- Cybersecurity experts at your disposal for real-time mitigation of attacks
These services will protect your domains (websites, web application, e-commerce platform) against all types of the DDoS attacks, this solution is based on Web Application Firewall (WAF) services.
Main features of DDoS IP protection
- Designed to protect your services against all types of DDoS attacks
- Large multi-path ingress capacity
- Network perimeter anomaly and attack detection
- Profile based mitigation (throttling, scrubbing, null-routing)
- Automatic on-demand or always-on scrubbing
- Automated Email alerts
- DDoS IP protection “Standard” is included with the service
- “Always-on” and “Customized” options for advanced DDoS IP Protection
- Managed service with 24x7 Security Operations Center for “Customized” and “Always-on”
These services will protect your IP addresses against volumetric, protocol based and some types of application layer attacks and based on a combination of border router filtering, anomaly detectors and scrubbing centers (see DDoS IP Protection services).
If you want to learn more about our two product lines please refer to our products pages: