In recent years, DDoS (distributed denial-of-service) attacks have been increasing in frequency, resulting in companies of every size being targeted, including major organisations like Google, Visa, Paypal, Sony, Deezer, and Evernote.
Many experts say the traditional methods of prevention and mitigation have become less effective, but could SAVI help? Here we look at what DDoS attacks are, and what can be done to minimise their impact.
What are DDoS attacks?
A DDoS attack is essentially an attempt to make a website or online service unavailable to users. There are a number of different methods to execute a DDoS attack, but one of the most common is sending so many requests that a server is overloaded, and unable to respond to legitimate requests. Anyone visiting the website or service will either not be able to access it at all, or have a very limited experience, and that can obviously have a big impact on a business.
Organisations of all sizes are targeted. For example, millions of PlayStation gamers were affected by DDoS attacks on Sony's PlayStation Network (PSN) on several occasions last year. This meant that gamers couldn't use a service that they had paid for, leaving them very frustrated, and resulting in Sony losing revenue.
It's worth noting that it's not just the immediate impact that can do damage – there may be ongoing reputational harm if the company is perceived as being unable to provide people with a stable and reliable experience. No-one wants to rely on a service which may or may not be available at any given time.
Protecting your company
Source Address Validation Improvement (SAVI) is one way to protect your company against these threats. DDoS attacks are typically targeted to exploit the fact that IP does not perform a robust mechanism for authentication, which is proving that a packet came from where it claims it did – a packet simply claims to originate from a given address, and there isn't a way to be sure that the host that sent the packet is telling the truth.
SAVI methods were developed by the Internet Engineering Task Force (IETF) to prevent this spoofing. SAVI works by mitigating the risk of nodes attached to the same IP link from spoofing each other's IP addresses, complementing access filtering with unique, standardised IP source address validation.
In summary, businesses of all sizes should be aware of how their servers are protected against DDoS attacks, and what redundancies are in place in the event of an attack. If people are more aware of security issues and how to minimise their impact, the internet and the web will continue to be an incredible resource for everyone.
- Axel Pawlik is the Managing Director of the RIPE Network Coordination Centre (RIPE NCC)