
DDoS Attacks Are Coming Back to School


It is that time of year when kids of all ages are heading back to school, with fresh, unwrapped school supplies in their backpacks alongside their smartphones, tablets, and laptops. Teachers and school administrators are busy preparing for their incoming class of students: entering student data, setting up distribution lists, updating their syllabuses, and setting up their grading systems, among the many things our teachers do for our children. Hard at work behind the scenes are the computers, networks, servers, applications, and cloud infrastructure that support all of the applications that our teachers, administrators, and students depend upon throughout the school year. While these technologies have enabled a modern teaching and learning experience and provided efficiencies to our school systems, their availability is underappreciated. As we have come to rely on these technologies more, their availability has grown in importance as well.

Traditionally we think of the availability of our school in terms of the building(s) being open or closed, such as closed for a snow day or, worse, for a natural disaster. But what happens when one piece of IT infrastructure that is used every day in our schools does not work? What happens if there is no internet access? Cloud-based solutions are not helpful unless classes are moved to the local coffee shop, and only so many students can fit through the doors. What happens if the server hosting exams or grades goes down during finals? Do students get sent home indefinitely until the problem is fixed?

One of the widest-ranging threats to an educational institution’s information infrastructure today is the Distributed Denial of Service (DDoS) attack. These attacks are very common on the networks of our colleges and universities and are increasingly being seen at high schools across America.

[Figure: Attack Target Graph]

While students instigate these attacks for all imaginable reasons, they are also frequently targets themselves. The two most commonly seen DDoS attacks in our educational institutions are students:

  1. Attacking their own school to delay their final exams that they have not properly prepared for;
  2. Attacking either gaming servers or other gamers to gain an advantage within the game they are playing in competition with other gamers.

While there is no DDoS 101 class, DDoS attacks are unfortunately as cheap as $5 (USD) and simple to execute, even for the most novice user. Sadly, this is a global phenomenon and not isolated to any single geography.

At Arbor we have worked with educational institutions to implement comprehensive solutions to protect against DDoS attacks, including a group of state and regional educational organizations with a combined network that supports more than 1.4 million students and school internet access. The network provides access to high-stakes online testing, such as PARCC, AIR, and MAP1, and supports integrated Education Management Information Systems with student data reporting, student information systems, and state fiscal software applications.

The shared network was experiencing an increasing number of DDoS attacks – 28 attacks in 28 days were reported at one time. Adding to the issue, not all the attacks throughout the network were detected or reported. Administrators were aware of “low and slow” DDoS tactics targeting applications with lesser volumes of traffic that were very difficult to identify.

Now, with Arbor’s DDoS Protection Solution, every participating organization using the statewide network enjoys multilayer DDoS defense: always-on, in-line protection from inbound DDoS attacks through an on-premise Availability Protection System (APS) that can also stop outbound activity from compromised hosts, and up to 2 Tbps of on-demand mitigation capacity from Arbor Cloud’s global, cloud-based scrubbing centers. In fact, one of the strengths of the comprehensive Arbor DDoS solution is the seamless integration between the scalable Arbor Cloud DDoS protection service and Arbor’s on-premise APS. If an APS detects a volumetric DDoS attack that may overwhelm the organization, the APS can automatically redirect traffic to the fully managed Arbor Cloud DDoS protection service. This Cloud Signaling feature is unique to Arbor’s DDoS Protection Solution.

Since deploying Arbor’s DDoS Protection Solution, state and regional educational organizations have experienced a reduction in DDoS attacks—and faster mitigation. They have effectively removed the threat of botnets, and set connection limits on application servers to prevent “unintentional” DDoS. They were also pleasantly surprised to recover 5-6 percent of inbound bandwidth and reduce their average firewall utilization.

School is back in session and DDoS attacks are sure to follow. Our schools are bastions of learning for our younger generations and their technology needs to be protected in order to ensure their missions of education and research are achieved.
