The COVID-19 virus has attacked more than just health and people’s freedom of movement. It has also succeeded at undermining online security as more organizations and people rely on their online presence exclusively and turn to internet-based work, study, purchases and communications. The traffic spikes characteristic of the early part of the crisis have started to stabilize, meaning that uptime should also be stable for regular traffic, regardless of volume, if you’re monitoring your availability and making provisions for redundancy. But irregular traffic booms, which are often the harbinger of a distributed denial of service (DDoS) attack, are another creature entirely.
According to Nokia statistics, since the start of the coronavirus outbreak, DDoS attacks have increased by at least 40%, and their intensity and bandwidth are rising alongside their frequency. It’s becoming exceedingly common for DDoS attacks to be multi-vector, targeting not only your websites but your apps and APIs as well, in an attempt to thwart your normal lines of defense and catch you off guard.
Even before COVID-19 hit, DDoS attacks were up 180% in 2019 compared to 2018, and in the current moment, 80% of scams, hacks and cyberattacks are coronavirus-themed, according to Proofpoint research. Spam, bot traffic, malware, the appearance of malicious domains and phishing scams have boomed since the beginning of the COVID-19 crisis. In particular, bad actors have targeted the very companies we turn to for key information and to keep things running, such as global and national government and public agencies that provide up-to-date information on the crisis itself, and the tools we’re relying on to help us communicate, work and so on during this time.
A dose of Varnish keeps the DDoS away
Clearly, as evidenced by the increase in slippery multi-vector attacks, new avenues of attack are constantly being invented. No means of protection is foolproof, but mitigation and design can lend a big helping hand in warding off the worst of what you may face.
Much like the old adage “an ounce of prevention is worth a pound of cure” or even the more current theme of “flattening the curve”, it makes sense to take preventive action to detect attacks before they happen and adversely affect your business. If you put such measures in place before you need them, it’s possible you will never deal with the costly experience of an outage, or you can at least gain control of and stop the attack before it can do serious damage.
Varnish offers a number of mitigation techniques to alleviate DDoS attacks (as well as other security concerns):
- Traffic handling: Gives you the capacity to handle the incoming traffic, so you can identify and stop attacking requests/overloads
- Policy: Create your own security policies for handling/managing traffic using Varnish Configuration Language
- Design: Varnish was created with security in its design, extending request inspection and throttling abilities to help detect potentially malicious traffic patterns and manage them
- High availability: Varnish High Availability ensures redundancy and availability in heavy traffic situations and even in outages