The latest DDoS attacks against Dyn and Brian Krebs are a defining moment for the CDN industry. Up until last year, large-scale DDoS attacks weren’t much of a concern to content delivery companies. Fast forward to today, and in the span of 4 weeks, the Edge Security business model has been turned upside down. The truth of the matter is that Akamai is the only DDoS Mitigation provider in the world that can handle a 1Tbps+ DDoS attack and not sweat too much.
However, even the mighty Akamai is ill prepared to deal with the 2Tbps+ DDoS attacks that are around the corner. Fortunately for Akamai, all they need to do is re-align some of their existing capacity to the DDoS business, since ordering bulk transit from carriers can take months to provision. There are many takeaways and lessons learned from the latest large scale DDoS attacks, including the following:
Takeaway #1
Dyn has two choices: 1) Partner with Akamai for DDoS Mitigation or 2) Build massive capacity. The same applies to all other DNS providers because they are the weakest links in the content delivery chain.
Takeaway #2
Large content companies will employ a multi-DNS provider strategy, possibly building some internal capabilities.
Takeaway #3
Expect that IoT DDoS attacks will become the new norm and start happening on a weekly basis. Why? According to Krebs, XiongMai Technologies manufactured a “broad array of white-labeled DVR and IP camera boards,” which are being used in products by an untold number of consumers. Those devices are likely to be used for a very long time. Therefore, attackers have a short window of time to launch attacks. We estimate that window will close in 6 months.
Takeaway #4
Last week’s attacks are a defining moment for the CDN and Infrastructure-as-a-Service industry. The DDoS Mitigation business will become a high volume, low-profit business similar to video streaming. DDoS Mitigation PoPs are going to cost $2M per year at a minimum for DIY scrubbing centers.
Ball Park Cost Summary
- 36 Servers x $5,000 = $180,000
- 36 SolarFlare NIC’s x $1,000 = $36,000
- Rack x $2,000/month
- 14x100Gbps Internet Ports: 140Gbps x $1.00 = $140k/mo.
- Does not include cost to create custom scripts, programs and applications for filtering traffic