Recently, we moved one of our customers to the cloud, which helped them save money over their previous IT provider, gave them better tools in their office and secured their office network. Great win!
At the same time we recommended that steps were taken to secure their website.
They took the decision to prioritise their office move and to deal with the security side at a later date. Unfortunately, four weeks later they suffered a cyber attack. In fact, it was a double attack: a brute force attack followed by a denial of service (DoS) attack. Their website received 21.6 million hits in the space of nine hours, which took down their website and their web server.
Our customer’s website was provided by a web hosting company and made use of free website protection offered at the time of purchase; this was still in place. Once the volume of website visits started to ramp up significantly, our customer realised something was badly wrong and, in a state of panic, subscribed to a popular website protection service at $20. This is a great, comprehensive platform, but (a) it needed some expertise to set it up properly to protect them at all (it didn’t deflect anything initially) and (b) protecting them properly from the attacks meant they had to pay $300 for the enterprise license. At this point they picked up the phone to us here at YouCloudIT and we acted quickly to help and support:
- We configured what they had bought to protect them as best as possible for the $20 they paid (out of the 21.6 million hits, this popular web protection platform deflected exactly 79 website hits)
- We immediately started managing and controlling the traffic to minimise the impact of the attack
- We then deployed YouCloudIT WebSafe (currently available at £24.99 per month) and used it to fully manage the cyber attack
So what had happened?
- The attack was twofold; the first attempted to exploit any vulnerabilities on their server. The free website protection actually helped to protect the server. Sadly, in doing its job, it was eventually overrun and their website was taken down.
- Cybercriminals have access to malware they have deployed onto PCs around the world (this is common and is done by various means, such as hyperlinks in emails and downloads on your PC).
- The cybercriminal in this instance then made use of these PCs to initiate a sustained attack from these devices onto our customer’s website.
- Their website had received 21.6 million hits; due to the volume, their server was unable to respond and would simply stop.
- We tracked what type and source of traffic was being aimed at our customer and identified quickly that the traffic was coming from different countries around the world: 70% of the traffic was coming from Egypt and 10% from Iraq with 20% from various other countries.
- We then proceeded to carry out multiple steps to block this traffic and then restore their website, so our customer could trade again.
Our customer has since prioritised their cyber security and taken our full security service and now has peace of mind knowing that they are safe.
What made this difficult to stop was the nature of the traffic, which the platform they were using simply saw as valid requests. The second challenge was the sheer cost of deploying some of the features they would have needed just to deal with some of the impact, all at a time when there is pressure to get their business online. Thankfully, once the YouCloudIT WebSafe web application firewall (WAF) was deployed we were able to bring the issue to a successful close.