The scale of DDoS attacks has reached new orders of magnitude in the last year, both in terms of the power of individual events and the quantity that are taking place. While the igaming industry tends to suffer smaller attacks, most of which are conducted by disgruntled customers, of fundamental concern to operators will be that the sector attracts more attacks than any other area of business.
ROSS GAVEY is head of data centre sales at Sure International across the Channel Islands and Isle of Man. He works closely with clients across the gamut of Sure’s data centres and cloud services, DDoS protection and disaster recovery.
With attack capabilities entering the mainstream, US law enforcement has spent a good deal of 2018 focusing on taking ‘DDoS for hire’ services out of action. These services are becoming more easily available and as a result are putting DDoS capabilities in the hands of people with less technical expertise.
From an igaming perspective, these services enable a retail market in DDoS attacks to exist and they’re only likely to become more sophisticated as they learn from the larger, one-off attacks that are at the forefront of the threat environment.
Today’s exception is tomorrow’s norm
Security firm Corero corroborates content delivery network Akamai’s observation that most attacks are low-level. It reports that 95% of the attacks witnessed by its clients are 5Gbps or less, but that wasn’t the case this February when Github suffered an event measuring a record-breaking 1.3Tbps. Just a month later, a US-based ISP had to fend off a 1.7Tbps stream of data that was aimed squarely at knocking it offline.
The fact that DDoS is principally about disruption is likely to account for its popularity. In the main, attackers aren’t looking to steal credit card data or personal information. Their aim is to deny a service being used by its customers.
The damage is done in two ways. Firstly, they stop paying customers from using an online service, thus reducing revenues. Secondly, they can harm a brand to such an extent that once-loyal users consider heading elsewhere. In a 24/7/365 environment, service availability is crucial. By denying customers access to the igaming experience they want, attackers are counting on the fact that they’re hitting the sweet spot where dipping revenues and deserting customers collide.
Mitigate the threat, delight the customer
The average cost per attack across all sectors is £35,000, including mitigation costs. On paper, this looks like a figure that larger businesses should be able to handle on a one-off basis, but with a growing trend for repeated attacks (20% of victims experience a second attack within 24 hours), even wealthy companies are having to take note.
For the igaming sector, successful prevention is everything and so the choice of hosting partner is vital. Sure understands this and has designed and deployed a unique dual-island data centre network that offers the levels of resilience that operators need.
Sure’s vast experience in the igaming sector has informed the firm’s decision-making as it looks to develop its global presence in the industry. The company is determined to maintain its reputation for igaming network security and so has combined the physical resilience of island-based data centres with Arbor DDoS protection, which secures the high bandwidth gateways at the network’s edge.
As a result, our customers have peace of mind knowing that regardless of the size of attack, whether it’s a disgruntled 1000Mbps or a monster 1Tbps, their network will remain available and their customers loyal.
COMPANY PROFILE
•NAME SURE INTERNATIONAL •FOUNDED 2013 •SECTOR ONLINE CASINO •WEBSITEINTERNATIONAL.SURE.COM