Hackers and cybercriminals are relentless. Even in times of crisis, such as the COVID-19 pandemic, they never stop breaking into systems and making websites inaccessible through Distributed Denial of Service (DDoS) attacks. In the Netherlands, such attacks have even intensified in recent years, according to the annual report of the Dutch National Internet Providers Management Organization (NBIP). Fortunately, there is an effective response to this type of attack, says Erik Radius, technical product manager at Eurofiber Netherlands.
Lost sales and damage to your reputation
DDoS attacks have become popular among hackers and cybercriminals over the years. Using relatively basic tools, they can cause corporate networks or websites to be bombarded with massive amounts of ‘fake traffic’. Hijacked PCs or various smart devices connected to the internet, ranging from video cameras to refrigerators, are used to generate the attacks. Nowadays, these ‘botnets’ are even leased out for relatively low fees. The end goal of a DDoS attack: to overload the affected corporate networks or websites, blocking access to everything from online stores to online banking. The attacks often lead to lost sales and damage to the company’s reputation.
More complex and intense
Although the number of registered DDoS attacks in the Netherlands did decrease slightly (919 incidents in 2019 vs. 938 in 2018), the attacks rose sharply in size and complexity, according to the recent NBIP annual report. For example, the most extensive attack in 2019 involved a total of 124 Gbps. By comparison, the biggest attack in 2018 was ‘only’ 68 Gbps. The first quarter of 2020 already set a new record, registering an attack of 140 Gbps. The complexity of DDoS attacks – the number of techniques or ‘vectors’ used – is also increasing steadily: up from a maximum of 12 vectors in 2018 to 30 vectors in 2019.
National Scrubbing Center against DDoS
The NBIP has set up a special service for its members, the internet providers in the Netherlands, to limit the consequences of DDoS attacks. Referred to locally as NaWas, this ‘National Scrubbing Center against DDoS’ is also used by Eurofiber to protect Business Internet clients against such attacks, says Erik Radius, technical product manager at Eurofiber Netherlands. And the results speak for themselves. “Last year alone, we counteracted several dozen attacks through the Scrubbing Center. We automatically detect if there is a DDoS attack on our network and our customers. Such an attack is then diverted directly to the Scrubbing Center, ensuring that there is no noticeable disruption in internet traffic for our customers and their end users. It is no longer feasible to manually detect and rectify these types of attacks, precisely because more and more attack vectors are being used in a single DDoS attack.”
Scrubbing Center resolves DDoS problems
Radius has observed that the threshold for launching DDoS attacks is getting lower. “These days, there are all kinds of internet forums where you can rent botnets with thousands or even tens of thousands of attacking devices for a handful of dollars per attack. It hardly requires any technical knowledge anymore. This also means that attacks are no longer limited to high-profile organizations, such as government authorities or large corporations. For example, we have a school that purchases an internet service from us. They experienced persistent DDoS attacks on school days around noon, which caused major problems during teaching. In the end, the school solved this by contacting Eurofiber to arrange access to the anti-DDoS service, including the scrubbing center. The attacks were neatly routed through the NaWas and neutralized, leaving the school’s network and online environments unaffected from then on. The attacks eventually decreased to a slow trickle. After all, there was no point for the attackers to keep trying.”
Stay informed about all developments
You will receive the newsletter once a month.