
How BGP propagation affects DDoS mitigation

We often think of DDoS attacks as volumetric malicious traffic, targeted against organizations, that effectively takes a service offline. These attacks are most frequently detected through anomalous behavior found in NetFlow, sFlow, IPFIX, and BGP data. What may not be well understood is how the DDoS mitigation works and how it’s possible to visualize the effectiveness of the mitigation during and after an attack.

How BGP propagation affects DDoS mitigation

Doug Madory, Kentik director of internet analysis, and Phil Gervasi, director of tech evangelism, discuss the nuance of coordinating the mitigation of a DDoS attack and how we can use Kentik to see the propagation of BGP announcements on the public internet before, during, and after the DDoS attack mitigation.

Flows vs. packet captures for network visibility

Recently, I saw some discussion online about how flow data, like NetFlow and sFlow, doesn’t provide enough network visibility compared to doing full packet captures. The idea was that unless you’re doing full packet captures, you’re not doing visibility right. Because I’ve used packet captures so many times in my career, I admit there’s a part of me that wants to agree with this.

Anatomy of an OTT traffic surge: Thursday Night Football on Amazon Prime Video

This fall Amazon Prime Video became the exclusive broadcaster of the NFL’s Thursday Night Football. This move continued Prime Video’s push into the lucrative world of live sports broadcasting. While they had previously aired TNF, as it is known, this is the first season Amazon Prime Video has exclusive rights to broadcast these games. As you can imagine, airing these games has led to a surge in traffic for this OTT service.

A NetOps Guide to DDoS Defense

Join Kentik and Cloudflare as we discuss and analyze the latest in DDoS attack trends. (We’re seeing some really interesting patterns in our data!) Back by popular demand: Doug Madory, Kentik’s Director of Internet Research, will walk through how BGP monitoring can determine if DDoS mitigations are actually effective. What you’ll learn.

What can be learned from recent BGP hijacks targeting cryptocurrency services

On August 17, 2022, an attacker was able to steal approximately $235,000 in cryptocurrency by employing a BGP hijack against the Celer Bridge, a service which allows users to convert between cryptocurrencies. In this blog post, I discuss this and previous infrastructure attacks against cryptocurrency services. While these episodes revolve around the theft of cryptocurrency, the underlying attacks hold lessons for securing the BGP routing of any organization that conducts business on the internet.

8 reasons why network observability is critical for DDoS detection and mitigation

Distributed denial-of-service (DDoS) attacks have been a continuous threat since the advent of the commercial internet. The struggle between security experts and DDoS protection is an asymmetrical war where $30 attacks can jeopardize millions of dollars for companies in downtime and breaches of contract. They can also be a smokescreen for something worse, such as the infiltration of malware.