It’s not just enterprises that need DDoS protection!
With Distributed Denial of Service (DDoS) attacks on the rise, it’s time to reconsider using DDoS protection.
“I doubt we’d be a target, we’re just not big enough!”
With 1.4 million organisations in the UK with under 250 users and another 8,000 in the mid market (>250 - <2,500), now more than ever is the right time to consider protecting against this inherent risk.
“The tech has a price point far beyond our reach – and means.”
These are the reasons why so many of the businesses we’ve worked with aren’t using DDoS Protection. And yet, attacks do happen, regardless of size, costing them huge amounts of money and time. Fortunately, there’s a great solution available… enter Microsoft, and its latest DDoS IP Protection Plan.
Before we look at that, let’s take a moment to explore the whats, whys and costs of a DDoS attack on your business.
What is Distributed Denial of Service (DDoS)?
DDoS is a cyberattack which uses tens, hundreds (and sometimes even thousands) of internet-connected devices to disrupt a business. It usually targets a website or other internet-connected servers, with the aim of denying legitimate users access to the services hosted there.
It sounds complicated – and that’s the problem. You can rent DDoS farms on the internet, with no individual effort or prior knowledge required. The most advanced attacks use zombie machines, generally infected with malware.
Without a protection layer in your business, the outlook is pretty bleak.
Three types of DDoS attack
The volume attack
Imagine a pipe like this one:
All of your users pass through here in order to access your website or service. It’s empty right now, so has the bandwidth to take users and allow them access to your services.
Now it’s under attack and looks like this:
The attackers have filled the pipe with sheer volume of traffic, so there’s no space for your legitimate users. So, what do you do?
You decide to build your website to scale. The pipe will get bigger as the site or service scales, so surely there’s still enough bandwidth for your genuine users?
If only!
The problem is, you can’t see what scale the attackers are working on. So now the attack has scaled up with you.
The protocol attack
Let’s look at the website example from a different angle.
The internet runs on ports, protocols and handshakes, which offer another avenue of exploitation within a DDoS attack.
In order for users to connect to your website, a three-way handshake is needed.
Since your web server has a port reserved just for these kinds of communications, an attacker can simply send the first part of the handshake to reserve it. The server then awaits a response, which never comes through. The connection is left open, exhausting the server’s port availability and leaving no ports for your legitimate users.
Sidenote: Although this attack requires a different type of protection technology known as Web Application Firewalls, we referenced it here just to demonstrate the diverse methods that attackers use.
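To spot the half-open connections described above on your own server, the following added example (not part of the original article) counts handshakes stuck in the SYN-RECV state per local port. The snapshot is constructed in the column layout of `ss -tan`, and the thresholds are assumptions to tune for your own traffic.

```python
from collections import Counter, defaultdict

# Constructed sample in the column layout of `ss -tan` (state, queues, local, peer).
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN    0      128    0.0.0.0:443          0.0.0.0:*
ESTAB     0      0      203.0.113.10:443     198.51.100.20:50122
ESTAB     0      0      203.0.113.10:443     198.51.100.21:50123
SYN-RECV  0      0      203.0.113.10:443     192.0.2.1:40001
SYN-RECV  0      0      203.0.113.10:443     192.0.2.2:40002
SYN-RECV  0      0      203.0.113.10:443     192.0.2.3:40003
SYN-RECV  0      0      203.0.113.10:443     192.0.2.4:40004
SYN-RECV  0      0      203.0.113.10:443     192.0.2.5:40005
SYN-RECV  0      0      203.0.113.10:443     192.0.2.6:40006
ESTAB     0      0      203.0.113.10:22      198.51.100.30:50200
SYN-RECV  0      0      203.0.113.10:22      198.51.100.31:50201
"""

def half_open_report(snapshot, min_half_open=5, max_ratio=2.0):
    """Return {local_port: stats} for ports whose half-open count looks abnormal."""
    states = defaultdict(Counter)   # port -> Counter of TCP states
    peers = defaultdict(set)        # port -> distinct peers stuck in SYN-RECV
    for line in snapshot.splitlines():
        fields = line.split()
        # Skip the header (7 tokens), listening sockets and malformed lines.
        if len(fields) != 5 or fields[0] in ("State", "LISTEN"):
            continue
        state, _, _, local, peer = fields
        port = int(local.rsplit(":", 1)[1])
        states[port][state] += 1
        if state == "SYN-RECV":
            peers[port].add(peer.rsplit(":", 1)[0])
    flagged = {}
    for port, counts in states.items():
        half_open, established = counts["SYN-RECV"], counts["ESTAB"]
        ratio = half_open / max(established, 1)
        # Assumed rule: many half-open handshakes AND far more of them than real sessions.
        if half_open >= min_half_open and ratio > max_ratio:
            flagged[port] = {"half_open": half_open, "established": established,
                             "distinct_peers": len(peers[port])}
    return flagged

if __name__ == "__main__":
    print(half_open_report(SAMPLE))
```

A high count of distinct peers among the half-open entries suggests the first handshake packets come from many sources, so blocking a single address will not clear the queue.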
The application attack
When a genuine user performs an action on a website, your servers now have work to do, such as fetching data from a database or talking to another service for authentication.
So, what would happen if an attacker automated those user actions?
It would send a flood of HTTP requests mimicking the actions of these users to exhaust the resources on the server. Again, legitimate users now can’t access the services or products on your site.
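Because the damage here comes from the work each request triggers rather than from raw request counts, a detector can weight requests by how expensive they are. This added example (not part of the original article) does that over a constructed access log; the endpoint costs, window and budget are hypothetical values.

```python
from collections import defaultdict, deque

# Hypothetical relative cost of each endpoint: how much back-end work one request causes.
ENDPOINT_COST = {"/login": 5, "/search": 4, "/": 1}

# Constructed access-log sample: (epoch seconds, client IP, request path).
SAMPLE_LOG = (
    [(1000 + i, "198.51.100.20", "/") for i in range(0, 10, 2)]       # casual browsing
    + [(1000 + i // 2, "192.0.2.50", "/search") for i in range(20)]   # automated search flood
    + [(1003, "198.51.100.21", "/login"), (1004, "198.51.100.21", "/")]
)

def flag_expensive_clients(events, window=10, budget=40):
    """Return {ip: peak cost} for clients whose weighted cost in `window` seconds exceeds `budget`."""
    recent = defaultdict(deque)     # ip -> deque of (timestamp, cost) inside the window
    running = defaultdict(int)      # ip -> total cost currently inside the window
    peak = {}                       # ip -> highest windowed cost seen, flagged clients only
    for ts, ip, path in sorted(events):
        cost = ENDPOINT_COST.get(path, 1)   # unknown paths count as cheap
        recent[ip].append((ts, cost))
        running[ip] += cost
        # Drop requests that have aged out of the sliding window.
        while recent[ip][0][0] <= ts - window:
            running[ip] -= recent[ip].popleft()[1]
        if running[ip] > budget:
            peak[ip] = max(peak.get(ip, 0), running[ip])
    return peak

if __name__ == "__main__":
    print(flag_expensive_clients(SAMPLE_LOG))
```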
MafiaBoy’s influence on DDoS
Back in 2000, MafiaBoy (Michael Calce) was paralysing e-commerce sites, eBay, Dell and Yahoo – the largest internet search provider at the time.
It’s 7th February 2000, and MafiaBoy launches Project Rivolta – using the skills learned in his early years and on hacking forums to bring Yahoo down first. It goes down for an hour, which is a successful start.
A day later Buy.com goes down… but not because of MafiaBoy. Someone else has laid down the gauntlet, and now he has to respond, setting eBay as his next target which falls faster and harder than Yahoo.
Now he’s on a roll, and fellow hackers give him an ‘impossible’ challenge: Take down CNN. He does, and then Dell and Amazon.
It’s a prime example of the potential opportunities for hackers using this type of attack. Although this was in the earliest years of the internet and protection against these attacks continues to improve, so too does the ability to perform them – they’re rentable for $30 in bitcoin, no experience needed.
Attack volumes today
In 2022, the number of DDoS attacks fluctuated but remained high, peaking at 2,215 attacks per day, with an average of 1,435 attacks. Protection is required: Microsoft protected against upwards of 520,000 individual attacks in 2022 alone.
One last thing… before the good news!
A disruptive attack costs money and damages reputations, but there’s also the intangible cost following a cyber incident to be considered.
Just as your business takes a multifaceted approach to security, threat actors utilise multifaceted attacks to mask and divert your security team’s attention from their real intentions. The DDoS might be used to divert your team’s attention away from a more sophisticated attack launched at the same time.
So, the message is clear; protection is needed no matter the size of the business, and whilst we’ve invested time, effort and money into protecting laptops and servers with protection suites, anti-malware, anti-virus, EDR etc, DDoS protection is still considered difficult to access.
Azure DDoS IP Protection – Accessible to all markets
‘Difficult to access’ is no longer an excuse, thanks to Microsoft Azure’s DDoS IP Protection. Protection was previously restricted to one plan per subscription for every business (a costly investment). Microsoft has scaled over time; now you can take advantage of the same level of protection but protect individual public IP addresses, opening up enterprise-class protection to medium-sized and even smaller organisations.
Key Features
Massive mitigation capacity and scale
Defend your workloads against the largest and most sophisticated attacks with cloud scale DDoS protection backed by Azure’s global network. This ensures that we can mitigate the largest attacks reported in history and thousands of attacks daily.
Protection against attack vectors
DDoS IP Protection mitigates volume and protocol attacks. The service's intelligence can identify malicious and legitimate traffic without the need for human intervention. We also use Azure Web Application Firewalls (WAFs) to protect against the third form of attack: application.
Adaptive tuning
Protect your apps and resources while minimising false-negatives with adaptive tuning. Applications running in Azure are inherently protected by the default infrastructure-level DDoS protection. However, it protects and safeguards infrastructure with much higher thresholds than most applications have the capacity to handle. This means certain traffic volumes might be perceived as harmless, but could have devastating effects on the application that receives it.
Adaptive tuning guarantees your applications are protected if Azure’s DDoS infrastructure-level protection doesn’t detect application-targeted attacks.
Integration with Microsoft Sentinel and Microsoft Defender for Cloud
Strengthen your security posture with rich attack analytics and telemetry integrated within Microsoft Sentinel. boxxe’s full Sentinel solution includes comprehensive analytics and alert rules to support customers in their Security Orchestration, Automation, and Response (SOAR) strategy. Customers can set up and view security alerts and recommendations provided by Defender for Cloud.
Why boxxe?
boxxe is one of Microsoft’s managed partners and is in the top 0.25% of partners globally. We hold some of their biggest and most complex UK contracts in Defence and the Public Sector space.
With our industry leading expertise around the Microsoft product set in Modern Workplace, Security and Azure, we can start with DDoS Protection and guide you through every Microsoft decision you make subsequently.