siliconindia | May 2018 | 9

the automatic shutdown of service. For this reason, it is down to the end users to define the thresholds for dollar spend alerts and then somehow run countermeasures to limit the economic blast radius of an EDoS attack. For instance, since 2012 Amazon has had functionality which allows customers to get an aggregate view of their billing across services (S3, EC2, and many more) and set alert thresholds around these. Obviously, it is on you to determine exactly what you do with the alerts.

Cloud-architected applications are the road to infinite billing - customers that have gone through the cloud transformation playbook face the nemesis of infinite cloud scale: infinite cloud billing. Stripping back an environment from the traditional limits of scalability in favor of cloud-built apps quite simply takes the gloves off a DDoS attack's power to hurt economically. For this reason, organizations embarking on this transformative cloud journey would have received the very sound advice of cloud migration experts, and a multitude of best practice whitepapers, to purchase effective DDoS protection. If they have not taken heed, then the clock is ticking to face down the bill caused by the insatiable demand of an IoT botnet!

Knowledge is power, metrics matter. Organizations that take their cloud play highly seriously are some of the most probable organizations to be leveraging an understanding of utilisation to drive a better understanding of customer experience and to predict forward demand for their products; a so-called Data Driven Company.
As a stark example, a streaming service like Netflix would be measuring the volume of video commencements, the logic being that a higher than normal ratio of commencements could indicate a service issue, with frustrated users attempting to recommence content after an initial failure. It is not difficult to understand that a DDoS attack on the service, left unmitigated, could completely throw off such metrics and the value they have for the company bottom line.

Auto-scaling combined with pulse attacks is the primary pain for both economic and experience impacts - one of the key trends Radware sees is around pulse attacks, whereby organizations endure multi-vector attacks that oscillate between volumetric and application layer in short periods of time, leaving no room for infrastructure to recover or for manual countermeasures to be formed. Think of how such burst attacks play out against auto-scaling triggers, even if the organization has DDoS technology. The technology would need to detect and mitigate attacks in seconds to prevent auto-scaling triggers firing, fleets of virtual servers coming online automatically, remaining up for a period of time and then shutting down again when the load disappears. More seriously, what are the implications for customer experience, and what are the management overheads of supervising services coming online and going offline at high frequency? Most organizations would expect that service goes into overdrive just once or twice a day to meet variable demand; what if that was happening +500 times a day?

The organizations I've heard about that have encountered this scenario were proud of how they fought off 48-hour attacks through the determined efforts of DevOps staff to keep putting plugs in the dam to limit the billing blast radius. But in campaigns that go on much longer, the distraction for the ICT org is irrefutably highly problematic without highly effective DDoS mitigation technology.
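
The interaction described above between pulse timing, auto-scaling triggers and mitigation speed can be made concrete with a toy model. The following Python sketch is an added example, not from the article or from Radware; the autoscaler rules and every number in it (traffic rates, the 60-second alarm window, the 300-second cooldown, the pulse shape) are assumptions chosen for illustration.

```python
import math

def simulate(mitigation_delay_s, pulse_on_s=120, pulse_off_s=480,
             duration_s=86_400, base_rps=300, attack_rps=4_000,
             per_instance_rps=500, out_util=0.8, in_util=0.3,
             breach_s=60, cooldown_s=300):
    """Return (scale_out_events, instance_hours) for one simulated day.

    All defaults are constructed values, not figures from the article.
    Excess traffic is assumed to be scrubbed mitigation_delay_s seconds
    into every pulse, so only the first part of each pulse reaches the fleet.
    """
    instances, high, low, cooldown = 1, 0, 0, 0
    scale_outs, instance_seconds = 0, 0
    for t in range(duration_s):
        offset = t % (pulse_on_s + pulse_off_s)
        unmitigated = offset < min(pulse_on_s, mitigation_delay_s)
        load = base_rps + (attack_rps if unmitigated else 0)
        util = load / (instances * per_instance_rps)
        # Count consecutive seconds beyond each threshold (the alarm window).
        high = high + 1 if util > out_util else 0
        low = low + 1 if util < in_util else 0
        cooldown = max(0, cooldown - 1)
        if cooldown == 0 and high >= breach_s:
            # Scale out to whatever brings utilisation back under the trigger.
            instances = math.ceil(load / (per_instance_rps * out_util))
            scale_outs, cooldown, high = scale_outs + 1, cooldown_s, 0
        elif cooldown == 0 and low >= breach_s and instances > 1:
            # Scale back in once the pulse has gone and the cooldown expired.
            instances = max(1, math.ceil(base_rps / (per_instance_rps * out_util)))
            cooldown, low = cooldown_s, 0
        instance_seconds += instances  # billed whether or not the load is real
    return scale_outs, instance_seconds / 3600

if __name__ == "__main__":
    for delay in (10, 45, 90, 120):
        events, hours = simulate(delay)
        print(f"mitigation after {delay:>3}s: {events:>3} scale-outs, "
              f"{hours:.0f} instance-hours/day")
```

With these assumed values, mitigation that acts inside the 60-second alarm window leaves the fleet at 24 instance-hours a day, while slower mitigation produces 144 scale-outs and 144 instance-hours.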
Cloud computing provides no assurance that inherent scalability can mitigate against DDoS attacks. The pain could be service outage, user experience degradation or unnecessary reoccurring spend, and the only viable mitigation is DDoS technology that is automated enough to cope.

Nikhil Taneja