Nexusguard Fends Off Untimely DDoS Attack for Gaming and Payment Application Provider
There is nothing worse for online businesses than having their services taken offline. One day, an online gaming and payment application provider – which serves a multitude of websites – became the weakest link in its own ecosystem when it came under attack.
Applications are lucrative targets for attackers and are often too complex to be protected by one-size-fits-all solutions. Truly effective protection requires consultancy, expertise, and a bespoke solution customized for each company’s specific needs.
An Untimely Attack
The attack occurred before Nexusguard even had time to finalize its mitigation strategy for the application provider. In fact, the Security Operations Center (SOC) detected malicious traffic moments after the client had just signed up. Though an attack during the provisioning stage was extremely untimely, Nexusguard’s SOC team was able to monitor and mitigate the attack on the fly.
Large-Scale Attack, Unexpected Duration
Using a combination of UDP and TCP SYN floods to overwhelm the application provider with malicious traffic, the attacker disabled all of their applications. In order to restore services as soon as possible and prevent possible collateral damage, Nexusguard redirected all malicious traffic to its partner ISPs – a practice known as Traffic Engineering.
During this time, policies and defense filters were simultaneously provisioned to ensure proper defense mechanisms would be in place when the client’s services were restored. Though the attack techniques used were relatively simple in nature, the attacker relentlessly bombarded the servers for twenty-eight hours, consuming an average bandwidth of 100Gbps.
All Applications Back Online
Whether intentional or not, the timing of the attack was perfect. However, Nexusguard was able to restore services to the client within 15 minutes from the start of the attack, effectively mitigating all attacks while setting up future defense mechanisms. Real-time communication with the application provider also allowed Nexusguard to fine-tune the mitigation strategy and to optimize performance for all of the client’s applications
Despite the attack’s timing, scale and duration, Nexusguard was still able to satisfy its SLA (service-level agreement) to the client. It would have been nearly impossible without Nexusguard's researchers and engineers’ quick response in setting up defenses and their expertise in dealing with zero day attacks. The team's ability to satisfy a new customer's security needs and ultimately inspire confidence to them is a testament to Nexusguard's dedication to its customers.Download
“We were so worried about affecting our customers’ businesses – we would have lost most, if not all, their trust if the attack had dragged on for days. Thankfully, Nexusguard got everything back to normal in just 15 minutes!”
gaming and payment application provider