CDNs Must Prepare For the New Cyber War Frontier

There is a thriving market place for DDoS-for-hire services. Some characters are even offering free trial accounts, and refunds if not satisfied with the bot rental services. CDNs must prepare for the new cyber war frontier involving DDoS attacks. CloudFlare encountered a 400Gbps DDoS network attack a few months ago. In Q1 of 2014, Akamai encountered a 200Gbps DDoS network attack. Even though the CDNs came out on top, it seems like the balance is titling in favor of DDoS attackers.

Currently, there are market places that sell bot armies packaged with high bandwidth that can be used in launching attacks. According to one market place, a 10-100Gbps attack for the day cost $200. Does that mean that a 400Gbps DDoS attack cost $800 to $1000 for the day? If that’s the case, who loses in the 400Gbp attack against CloudFlare? One thing is for sure, it’s going to cost CloudFlare much more than $1000. Now let’s take some snippets from three separate reports published by three reputable security companies.

Recently, Prolexic published its Q1 2014 DDoS report; the two key takeaways: 1) DDoS network attacks accounted for 87% of all attacks against Prolexic customers 2) The tools for creating DDoS attacks are widely available, requiring fewer resources, and minimal skill set. Next, Incapsula recently publish its DDoS report with one key takeaways; DDoS attacks are becoming more sophisticated where multiple attacks occur in succession of each other, where one attack mask another type of attack. For example, sophisticated attackers are launching network layer attacks to bring down security appliances, than launching more powerful application layer attacks. In terms of fees for bot rentals, here is some pricing published by Damballa:

 DDoS-for-hire Service Rentals at Various Market Places
  • Rental of 10,000 bot agents per day for $200
  • Rental of 80k to 120k hosts that are capable of launching 10Gbps-100Gbps attacks per day at price of $200
  • Rental of 12,000 bots for $500 per month
  • DDoS rental fees start at $50 per day for small attacks generating a few Gbps in traffic
  • Daily fees can drop to only a few dollars is the timing is optimal
  • Commercial DDoS rental fees are $20-$100 per hour for high volume DDoS attacks
  • Try before you buy services    for 3-5 minute trial

In summary, content delivery networks need to prepare for the worse, as the price for DDoS for hire services drop. If a 400Gbps attack reaches a point where it cost $1000-$5000, smaller CDN are going to find it difficult to compete with larger CDNs.