Affordable barrier to DDoS attacks comes on stream
Singapore-based Internet service provider (ISP) ViewQwest has launched a DDoS (Distributed Denial-of-Service) protection service that it says is the most affordable in the country.
A DDoS protection service is designed to defend organizations from debilitating attacks against their websites and Internet-facing services. This is achieved by automatically diverting incoming network traffic during an attack to “scrubbing centers” where malicious packets are identified and dropped, and legitimate requests routed back to the user.
The underlying technology behind ViewQwest’s service comes from security specialist NSFocus, which has more than a decade of experience in enterprise network security solutions and services. On its part, ViewQwest says its starting price of SG$699 (US$516) per month means that more e-commerce websites and online services in Singapore can now gain access to DDoS mitigation capabilities.
“Singapore is the regional hub for e-commerce and online services,” said Vignesa Moorthy, CEO of ViewQwest. “With this partnership, we aim to offer premium-class DDoS mitigation to protect these websites at prices that they can afford to help boost Singapore’s position as the leading online services hub in this region.”
There is no denying that cyber attacks in the form of DDoS translate into real-world damages measurable in both costs and tarnished reputation, and that the cost is rising. But what is the situation in the region when it comes to DDoS attacks, specifically Southeast Asia and Singapore?
Ahead of the launch, Moorthy told DCD that the DDoS protection services market is highly underserved locally, and there are “a lot” of government tenders stipulating DDoS mitigation in their procurement requirements. Yet existing offerings are limited in their capabilities, and may also be based out of infrastructure located in the United States. The latter can deliver worse performance due to high network latency.
According to Moorthy, existing DDOS mitigation services here would simply “black hole” - switch to a mode in which they block network packets wholesale, when faced with DDoS attacks of greater than 400Mbps. Moreover, most such services offered in Singapore are also helpless against more sophisticated application-level attacks, says Moorthy, which depart from the usual brute-force approach in favor of surgical strikes on vulnerable components of an online site. By relying on specially crafted requests, these attacks aim to crash the server by consuming a disproportionate amount of available CPU cycles with comparatively low levels of bandwidth.
“After this point, if you’re serious about it, you have no choice but to rely on [DDoS] providers in the US, which causes a lot of impact and latency. The last thing you want is for your website to slow down drastically,” said Moorthy of brute force DDoS attacks. “We want to go to market with a comprehensive solution that is designed to address real world attacks. We want to bring a world class service in-country.”
“If you look at today’s landscape in terms of those players offering services, they are all paying a very high price, and are not effective,” he said. “We are making it very affordable [and] easy to subscribe [and] we are able to extent not just to existing customer base, but to customers who want to subscribe to such a service. We are making DDOS affordable to everyone.”
And rather than reinvent the wheel, ViewQwest decided to partner with NSFocus, which furnished the underlying detection and filtering technology, including the customer dashboard. This strategy allowed ViewQwest to focus on building an infrastructure “from the ground up” to address DDoS attacks here.
“[NSFocus] has the technology where we integrate it into the network. From detection to mitigation, to the customer portal, the entire solution is there,” said Moorthy. “The platform provides the analytics, when the traffic exceeds a certain threshold – the statistics is available on the customer portal.”
Vignesa Moorthy, CEO, ViewQwest
The idea behind building a DDoS cloud is to weather the torrent of traffic that would otherwise overwhelm servers. NSFocus handles sophisticated attacks, but by itself is not proof against volumetric attacks, also known as brute force attacks, where attackers – usually using a “botnet” of compromised PCs and servers – flood the victim with a large volume of traffic.
This means that the partnership does not remove the need for extensive on-premises DDoS infrastructure, which was what ViewQwest invested in. ViewQwest declined to give specific details of its scrubbing capacity, but it is understood that it has invested in high capacity links so even its basic offering is touted to offer protection against DDoS attacks of up to 1Gbps. In contrast, the entry level capacity for competitors is just 400Mbps (Or 0.4Gbps), according to Moorthy.
Aside from the company’s data center at Pantech 21 located at Pandan Loop, ViewQwest has points of presence at Equinix’s SG1 and SG2, as well as Global Switch data centers in Singapore. The majority of the company’s DDoS infrastructure and ViewQwest’s core network is housed in Equinix, with “some of it” at Pantech 21, said Moorthy.
According to ViewQwest, its DDoS service can be deployed using on-premises hardware that will detect and reroute traffic in an attack. No such deployment is needed for customers already on its network as traffic will be diverted automatically.
“We have dark fiber going to almost every single data center in Singapore,” said Moorthy, pointing out how this allows new customers to be easily connected.
The final linchpin of the ViewQwest DDoS offering is the NSFocus cloud, a cloud-based DDoS mitigation service that was announced earlier this year. This will be ready in the next couple of months, according to Allan Thompson, the chief operating officer of NSFocus, who was in town for the launch of the service. Based at multiple locations around the globe – including Singapore and Hong Kong – it will serve as a final fallback with a greater capacity than the largest recorded DDoS attacks to date.
Plans to grow
While DDoS protection is not new, the disruptive factor, according to ViewQwest and NSFocus is how the affordability now puts it into the hands of small and mid-sized businesses. Most DDoS vendors only cater to larger companies, they say, which leaves an increasing number of smaller businesses that have an online presence at the mercy of extortionists wielding the threat of punitive DDoS attacks.
“The fact that you don’t hear about [DDoS attacks], doesn’t mean that they doesn’t exist,” noted Moorthy, who highlighted how some of his residential customers who sign up for static IP addresses have been swamped by DDoS attacks of 1.5Gbps to 2Gbps directed at their self-hosted game servers.
“We have this [Next Gen] NBN network,” said Moorthy, referring to Singapore’s next generation nationwide broadband network initiative, which saw the island wide deployment of a network-neutral all-fiber network. By leveraging that, the majority of the ISPs now offer residential 10Gbps broadband Internet service. “Imagine what happens when these computers become bots. This take 10 of my customers on 10G [networks]. That’s 100Gbps of DDOS traffic.”
The DDoS protection service is only just launched, but Moorthy is already looking ahead to expanding it to regional countries. For now, the plan is to extend ViewQwest’s DDoS infrastructure to Malaysia by the mid of this year, followed by Indonesia by early next year. Aside from protecting regional businesses from actual DDoS attacks, one can be hopeful that its availability will also help reduce the number of fake DDoS extortions attempts from succeeding.