{"id":15013,"date":"2014-10-03T15:05:13","date_gmt":"2014-10-03T15:05:13","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=2689"},"modified":"2020-02-26T10:56:22","modified_gmt":"2020-02-26T15:56:22","slug":"fighting-fire-with-fire-about-the-european-launch-of-kaspersky-ddos-protection","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/fighting-fire-with-fire-about-the-european-launch-of-kaspersky-ddos-protection\/15013\/","title":{"rendered":"Fighting fire with fire: about the European launch of Kaspersky DDoS Protection"},"content":{"rendered":"<p>Great evil lurks in the darkness of the Net, plotting to destroy the entire world\u2026 However, DDoS attacks are not worthy of such sonorousness, although it\u2019s quite true that they are evil. As a matter of fact, it\u2019s a long-standing global problem that is very hard to fight. And some of Kaspersky Lab\u2019s latest activities \u2013 namely, the <a href=\"https:\/\/www.kaspersky.com\/about\/news\/product\/2014\/Reality_of_Rising_DDoS_Attacks_Sees_European_Businesses_Take_Action_to_Reduce_Financial_and_Reputational_Impact\" target=\"_blank\" rel=\"noopener nofollow\">European launch of Kaspersky DDoS Protection<\/a> \u2013 is just that sort of counterattack.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Kaspersky #DDoS Protection launches in Europe #enterprisesec<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FUhr8&amp;text=Kaspersky+%23DDoS+Protection+launches+in+Europe+%23enterprisesec\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Okay, first, why is it serious? In a nutshell, a distributed \u201cdenial-of-service\u201d attack is a bombardment of target entities \u2013 web-sites, web-services, a commercial company\u2019s servers, sometimes even datacenters \u2013 with an immense amount of junk traffic. There are several types of DDoS-attacks, differentiated by the type of data they use, but there is always a common feature: DDoS is launched by several dozens, hundred, thousands or more computers, united into a botnet by a specific malware, otherwise it is launched from a few PC, but the traffic gets \u201camplified\u201d via the vulnerable DNS servers (for instance), those respond to most likely a short request with a much longer response, that gets directed towards the target networks by using IP spoofing. Whatever the method is, the goal of the attack is always the same \u2013 remove a target entity by overloading its servers or swamping its bandwidth so that no legitimate users could get access to its resources.<\/p>\n<p>For more details, kindly refer <a href=\"https:\/\/business.kaspersky.com\/ddos-broken-apart-when-they-all-start-shouting-at-once\/2231\" target=\"_blank\" rel=\"noopener nofollow\">a piece on DDoS attacks we shared earlier this year<\/a>.<\/p>\n<p>The worst thing about DDoS attacks is that they are extremely \u201caccessible\u201d \u2013 botnet owners sell their \u201cservices\u201d for a meager price (up from 50 bucks a day). Botnets\u00a0are\u00a0a bit of a problem that doesn\u2019t seem solvable at the moment, given the fact that botnets sometimes are distributed across the globe. And the damage they can inflict is extensive: downtime is a costly thing on its own (businesses risk losing between $10,000 and $50,000 a day as a result of these attacks), besides DDoS may often serve as a smokescreen for even more nefarious deeds, such as intrusion followed by data theft or malware planting.<\/p>\n<p>Almost a quarter of European companies (23 percent) consider DDoS attacks one of their top three business threats, according to a <a href=\"http:\/\/media.kaspersky.com\/en\/IT_Security_Risks_Survey_2014_Global_report.pdf\" target=\"_blank\" rel=\"noopener nofollow\">survey<\/a> conducted by B2B International and Kaspersky Lab. This research also indicates that 26 percent of European companies consider continuity of service one of their top three IT priorities for 2015. And the DDoS attacks are commonly used to interrupt this continuity. Cybercriminals use them for extortion, sometimes it is also a tool of an unfair competition.<\/p>\n<p>In a nutshell a DDoS-attack is just a lot of traffic. So in order to prevent it from drumming on your server, you need to have a bandwidth so wide that these streams of junk are just getting \u201clost\u201d. However, today\u2019s attacks peak on 300Gbps, and nearly two-third are coming in at over 1Gbps, <a href=\"http:\/\/www.verisigninc.com\/en_US\/website-availability\/ddos-protection\/ddos-report\/index.xhtml\" target=\"_blank\" rel=\"noopener nofollow\">according to Verisign<\/a>. At the same time typical bandwidth reserved for\u00a0a\u00a0commercial company rarely exceed 1Gbps. That means that larger botnets can swamp almost any single bandwidth. Besides, DDoS attacks steadily grow in intensity, and sophistication.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>A distributed protection against distributed threats<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FUhr8&amp;text=A+distributed+protection+against+distributed+threats\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>ISPs routinely filter the traffic, trying to block the most obvious junk; however it\u2019s not their field of expertise, so it\u2019s quite often that they overlook more subtle attacks that require careful analysis to get repelled.<\/p>\n<p>The most effective way to neutralize DDoS-attacks today, disregarding their type and size, is using specialized facilities \u2013 \u201ctraffic cleaning centers\u201d, which implement a combination of traffic filtration methods.<\/p>\n<p><a href=\"http:\/\/media.kaspersky.com\/pdf\/Kaspersky_Lab_Whitepaper_Kaspersky_DDoS_Protection_final.pdf\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky DDoS Protection<\/a> employs a distributed infrastructure of data cleaning centers: a distributed protection against distributed attacks. \u201cFighting fire with fire\u201d in a sense. Actually it is rather about ensnaring the swarm of bad data with a fine variegated grid.<\/p>\n<p>The solution combines different methods, including traffic filtration on the provider side, installation of remotely controlled appliances to analyze traffic next to the client\u2019s infrastructure, and the use of specialized cleaning centers with flexible filters. In addition the solution\u2019s work is constantly monitored by Kaspersky Lab\u2019s experts, so the onset of any attack can be detected as soon as possible, and filters can be modified as required.<\/p>\n<p>The software used to monitor and clean traffic has been developed in-house \u2013 just like all the other our solutions. This means that the way the solution works can be altered rapidly in response to changes in the techniques used by the attackers, even during an ongoing attack.<\/p>\n<p>The possibility to rapidly adjust filters is absolutely necessary because some especially persistent attackers often change the attack methods. In such cases an extremely prompt reaction is required from the defenders in order to keep the attack target\u2019s servers afloat and online.<\/p>\n<p>In addition, Kaspersky DDoS Protection can filter most of the traffic involved in attacks on the\u00a0ISP\u2019s side. That means only a small amount of highly sophisticated junk traffic needs to be diverted to Kaspersky Lab\u2019s cleaning centers.<\/p>\n<p>This solution and its techniques and technologies had been successfully applied and perfected in Russia and CIS countries, and now it is being offered to European clients of the company.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky Lab launches its solution Kaspersky DDoS Protection in Europe. A distributed network of data cleaning centers vs. distributed attacks.<\/p>\n","protected":false},"author":209,"featured_media":15635,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[2014,2198],"class_list":{"0":"post-15013","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-europe","10":"tag-kaspersky-ddos-protection"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/fighting-fire-with-fire-about-the-european-launch-of-kaspersky-ddos-protection\/15013\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/fighting-fire-with-fire-about-the-european-launch-of-kaspersky-ddos-protection\/15013\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/fighting-fire-with-fire-about-the-european-launch-of-kaspersky-ddos-protection\/15013\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/europe\/","name":"Europe"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15013","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=15013"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15013\/revisions"}],"predecessor-version":[{"id":33342,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15013\/revisions\/33342"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15635"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=15013"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=15013"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=15013"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}