Abion / Blog / A technician’s view on DDoS attacks
featured-2 (1)

Out of sight, out of mind

Presence on the internet is nowadays viewed as a must for most companies. In an instant, you are able to present your company the way you want and attract new customers. However, when entering the web, the demands for availability also increases. Visitors expect a warm welcome.

What happens when this expected welcome is replaced with the “slightly” more dull message saying something like “This site cannot be reached”?

A DDoS attack is no longer an IT-related issue, but an all-out attack on the entire brand.

A typical DDoS attack means overloading a server with requests so it eventually stops functioning. An immediate effect might be that you are unable to access a website. The long-term effect however, is a loss of confidence among both existing and potential new customers.

The kinds of attacks we are seeing today are much more sophisticated than before and blend different types of DDoS attacks in one single aimed attack against the target.

According to a recent report on DDoS attacks by Neustar, 82% of companies worldwide have been the victims of DDoS attacks. In Europe, 47% of companies have been targeted more than 6 times.[1]

The most common types of DDoS attacks are:

  • Volumetric attacks
    This type of attack floods the network layers with a substantial amount of traffic saturating the entire bandwidth of the target and renders its services inaccessible. This is the most common type of attack – 65% during 2016 according to Arbor Networks [2] – and also the most simple type of attack to launch.
  • Protocol Attacks
    The Protocol Attacks aims to fill the routing tables found in almost every component, like the load balancers, firewalls or application servers. Even components made to be able to handle millions of requests stop working when attacked this way.
  • Application Attacks
    This is the most dangerous type of attack since it generates a relatively low amount of traffic, which makes it hard to detect. The attacks are aimed at vulnerabilities at web applications like WordPress plugins.

You have probably unknowingly been the target of an attack

As recent as two days ago, Abion were the target of attacks. The first one occurred at 01:55 in the morning, and the second one in 10:35 in the morning. The only affected party was me, because I was the one on duty.

So if you’re a client of ours, how come you haven’t been affected?

In order to manage a DDoS attack, you need DDoS protection. Combined with an IPS protection (Intrusion Prevention System), we at Abion have a one-of-a-kind volumetric DDoS protection that actively protects our network at the Internet Service Provider level. This is vital from many aspects, but most crucially it enables our firewalls, switches and servers to focus on the functions they were designed to perform.

From a technicians perspective, it would be a virtual nightmare trying to find the cause of a server failure without a proper DDoS protection. Normal troubleshooting procedures are disturbed by all of the data that is flooding the network and disables much of the hardware. In this case, the last resort is to disconnect the equipment. An attack might last for several minutes, or several days, but the effects of an attack on the business might last for months.

Abion’s volumetric DDoS protection analyses the incoming traffic and learns to recognise normal traffic flows, in order to identify irregularities. Combined with specially written filters for different types of services, an alarm goes off when the traffic is out of the ordinary.

Once we experience irregular traffic pattern the DDoS protection mitigates the unwanted traffic without affecting other services. Since the traffic is filtered in the backbone routers at the Internet Service Provider – where the capacity is highest – we can ward off extremely big attacks without affecting the uptime.

DDoS attacks continue to grow in size, duration and sophistication. This means higher demands on us as a service provider. Demands we take very seriously and we make sure to be at the forefront when it comes to security.

We stop the attacks, so you can focus on your business.

2016 Neustar DDoS Attack & Protection ReportWorldwide Infrastructure Security Report

Related reading

Insights Microsoft Defense Report

Key Takeaways from the “Microsoft Digital Defense Report 2024”

Domain Management
Websecurity
English
DDOS attack
Domain Hijacking
Phishing
21, November 2024
From the rise of sophisticated ransomware to the increasing use of AI by both attackers and defenders, the report...
Domain NIS2

Understanding NIS2 – the EU’s New Cybersecurity Directive

Domain Management
English
8, November 2024
European Union policymakers are introducing more legislation to heighten cybersecurity standards and curb online f...

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number 556633-6169 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data