Site Security and Availability in Turbulent Times
On Friday, October 21st, Dyn, a popular global provider of managed DNS (Domain Name System) infrastructure services, suffered a day-long outage caused by a large-scale DDoS attack. The attack disrupted Dyn’s DNS service delivery, first at its East Coast data centers and then throughout the rest of its U.S. and global data centers. Major online brands were impacted as a result of the outage caused by the attack.
The Dyn attack was identified as the latest affront involving the Mirai botnet code base, which was previously used to take down the blog of noted security journalist Brian Krebs. The Mirai botnet that targeted Dyn was estimated to have harnessed the collective power of hundreds of thousands of compromised webcams, DVRs, CCTV cameras, and other Internet of Things (IoT) devices worldwide. This army of compromised devices was able to generate a massive volume of malicious traffic that overwhelmed Dyn’s DNS services. When DNS is unavailable, sites using the service experience an outage because no one can find those sites.
Based on public analysis of the Mirai code that has been made available, the botnet had multiple attack vectors at its disposal, which enabled it to flood its victims with attack traffic. These vectors included both established and novel volumetric network attacks, in addition to an application layer attack intended to consume web application server resources. While early analysis did not show the latter vector being used against Dyn, it’s useful to note that application layer attacks are increasing in frequency and sophistication as attackers capitalize on vulnerabilities at the web application tier.
Mirai’s effectiveness highlights the importance that organizations must place upon mitigating the effects of these attacks on their sites and DNS infrastructure. If your organization relies upon digital experiences for strategic execution and advantage, then protecting your sites and DNS infrastructure through DDoS mitigation and online security services should be high on your priority list.
How Can Acquia Customers Protect Themselves?
Acquia helps its customers deliver engaging digital experiences in the face of a constantly evolving threat landscape through its Acquia Cloud Edge service. Acquia Cloud Edge mitigates the effects of DDoS and online attacks on customers’ sites and DNS infrastructure, and helps sites remain as accessible as possible through unplanned traffic surges with a global content delivery network (CDN).
DDoS and Online Attack Mitigation
Acquia Cloud Edge provides services that mitigate the effects of volumetric network attacks. With its significant investments in global data centers and network bandwidth capacity, Acquia Cloud Edge absorbs attack traffic at the network’s edge so your origin infrastructure in the Acquia Platform doesn’t have to. Acquia Cloud Edge also provides a web application firewall (WAF) that mitigates application layer attacks. With its support for the OWASP Top 10 rule set, the WAF blocks SQL injection (SQLi), cross-site scripting (XSS), cross-site request forgery (CSRF), and other forms of attack against your application, so that you can keep your sites and customer content secure. The last thing you want to have to deal with is hackers making off with valuable customer data from your site, and Acquia Cloud Edge’s WAF is a perfect complement to our DDoS mitigation services to ensure that your sites’ visitors continue to have a trusted experience with your brand.
Highly Available DNS
Acquia Cloud Edge provides an ultra-fast, secure, authoritative DNS service for Acquia customers. According to dnsperf.com, the Cloud Edge DNS services powered by CloudFlare are consistently ranked the fastest in worldwide DNS performance. Using an Anycast network powered by over 100 global data centers, and with over 10 Tbps network capacity, the Cloud Edge DNS services ensure rapid propagation of changes and fast DNS look-ups from anywhere around the world.
Powering more than 35% of globally managed DNS domains, Cloud Edge DNS also comes with built-in load-balancing, automatic failover, rate-limiting, and filtering. For added security, it offers DNSSEC to add a layer of trust on top of DNS by requiring DNS responses to be validated. The Cloud Edge authoritative DNS services are backed by proven network and security infrastructure, enabling them to mitigate large-scale DDoS and other online attacks. Overall, Cloud Edge makes DNS easy and dependable, with all of your domains managed through Edge’s user-friendly web interface or via a robust API.
Global Performance and Availability
Acquia Cloud Edge helps organizations deliver fast, responsive, and secure digital experiences by caching site content on its global content delivery network (CDN). That CDN stores site content at over 100 global data centers so visitors around the world can load your sites’ content from the data center that is geographically nearest to them. The closer the site’s content is to the visitor, the faster the site will load for them. While the CDN can significantly speed up site loads for visitors, it also plays a critical role in ensuring high site availability.
The CDN is highly scalable and decreases the number of requests being made to your origin site in the Acquia Platform. If you experience a significant spike in traffic, whether from a legitimate surge (a news event, eCommerce sale, live performance) or a malicious attack, visitors will still be able to access the cached content efficiently. This increases the likelihood that visitors will be able to access site content during a high traffic surge scenario.
Take the Next Step
With today’s rapidly evolving threat landscape, organizations must be ready when they are attacked. It is no longer a matter of “if,” but “when” attacks will occur, as demonstrated by the recent Mirai attacks. With Acquia Cloud Edge, Acquia Platform customers can mitigate attacks on their sites as well as attacks on their authoritative DNS infrastructure. Let us show you how Acquia Cloud Edge and the Acquia Platform can make your sites faster and more secure, ensuring that visitors from anywhere around the globe can access your site, even in the face of a DDoS or other online attack.