IT infrastructure solutions provider Summit routinely identifies network and distributed denial of service attacks, which occur as frequently as every few days and range from small protocol floods to full-blown DDoS attack campaigns designed to extort money. After the victim pays up, the attacker promises to stop the DDoS attack.
Download a Copy Now
Pay Up or Else: IT Infrastructure Solutions Provider Helps Customers Navigate Distributed Denial of Service Attacks
We live in a managed services world where organizations across industry sectors are outsourcing significant pieces of their operations to third-party specialists. The business case for managed services can be compelling. But as DDoS attacks and security threats rise, so too have the stakes for DDoS attack defense for managed services providers. These companies must not only have DDoS attack defense strategies in place to protect their own networks and data but also serve as effective guardians on behalf of their customers and their customers' customers.
As an IT infrastructure solutions provider, Summit fills these dual roles. The firm routinely identifies network and distributed denial of service attacks, which occur as frequently as every few days and range from small protocol floods to full-blown DDoS attack campaigns designed to extort money. After the victim pays up, the attacker promises to stop the DDoS attack.
Earlier this year, one of Summit’s customers—a company that offers a web-based tool for project management—was the target of an organized DDoS attack that involved attempted extortion. The group's MO is simple: threaten to attack a network if an organization does not meet its demands for payment.
After refusing to negotiate with the criminals, the Summit customer was hit with a 20GB DDoS attack. The incident underscores the important role that Summit plays in its customers' network security. "Summit takes as much pride in our customers' ability to execute and offer service as we do in our own ability to provide infrastructure in support of mission-critical applications and business functions," says Lead Network Architect Chris Haun. "We are equally focused on providing 100% uptime to their customers and end users."
Detecting Extortion-Based DDoS Attacks
Summit detects DDoS attacks in many different ways. In the case of the extortion-based attack, the customer notified Summit of the threat.
"In some instances, customers will contact us, noting that something isn't right. They may recognize it as an attack or simply see something out of the ordinary," Haun says. "Attacks can also be detected by our network monitoring tools, which can identify anomalies and alert our Network Operations Center of the incident."
Summit's engineering staff regularly reviews the network reporting data and performs DDoS forensic research using historical flow analysis when needed.
After years of experience operating a resilient, high-performance network, Haun says Summit was prepared to support its customer through the extortion-based DDoS attack. In fact, the company has built a DDoS attack defense model that it can apply to customer interfaces immediately once a problem turns up.
"As a result, most customers don't even know they're being attacked until Summit's monitoring system detects it," Haun says.
DDoS Attack Defense: Planning for the Future
Groups responsible for many DDoS attacks, especially those that incorporate extortion, have a habit of stopping and starting attacks at random intervals. Charles Rumford, Principal Infrastructure Architect at Summit, says that Summit's core network architecture, deployment of carrier-class routers, and use of a DDoS forensic toolset help ensure the company is ready for even the most unpredictable attacks, thus providing the best possible DDoS attack defense.
"We're able to quickly and easily manage the presence of an attack with a known or identifiable fingerprint," says Rumford. "Radware Cloud’s scrubbing service lets us jump in quickly when a customer’s under attack". Summit also offers dedicated DDoS protection for customers looking for a more tailored, hands-on solution.
DDoS attacks are becoming both more sophisticated and seemingly easier to execute, and Rumford says Summit expects the number of attacks to double over the next 12 months. Managed services providers need to remain vigilant in their DDoS attack defenses, as attacks can affect both their own networks and those of many or all of their customers.
With that reality in mind, customer education is an increasingly important component of the company's strategy for DDoS mitigation. Summit makes a point of educating its customers about risks and about the steps they should take for DDoS attack defense to proactively guard against those risks.
"As we see more and more attacks of all types, we have an obligation to share this knowledge with our customers so that everyone can be as vigilant as possible," Rumford explains. "We know that attackers are focused on their 'job' 100% of the time. For Summit, staying abreast of changes in attack patterns, objectives, and execution is something that must remain 'on' at all times as well."