DDoS attacks bolster cloud website optimiser

Enterprise product in the making and ‘loved’ by disbanded hacker group LulzSec.
  • Liam Tung (CSO Online)
  • — 28 June, 2011 12:22

Enterprise product in the making and ‘loved’ by disbanded hacker group LulzSec.

The constant and very real threat of distributed denial of service (DDoS) attacks aimed at headline grabbing “hacker” groups, such as Lulz Security and Anonymous, have helped one tech start-up pick up new business.

Content distribution network CloudFlare was launched in 2010 with a simple promise to optimise website performance. Instead of traffic hitting a website's server directly, it is routed through CloudFlare's global network of edge nodes. At the beginning of 2011 it supported just over 20,000 websites, but six months later it has clocked up 40,000, according to June figures, according to Paul Mutton of UK security firm, Netcraft.

One of the features that has impressed users, according to CloudFlare,is the protection it provides websites suffering a DDoS attack.

“If there is a big change, then our system automatically starts to investigate whether it is legitimate traffic or an attack,” CloudFlare co-founder, Michelle Zatlyn explained on the company's blog.

If it is not legitimate traffic, then the system automatically starts to learn and starts to stop the new threats at our edge nodes, before they hit the site's server.”

High profile customers, such as the reportedly disbanding group, Lulz Security, used the service to bolster lulzsecurity.com. The group recently declared their “love” for it to their 280,000 followers on Twitter.

However, as a measure to counter a DDoS attack, it has its limitations, according to NetCraft's Mutton. Fellow hacker collective Anonymous previously used CloudFlare to support the AnonNews website, but it was booted off after a recent attack affected CloudFlare’s network.

Part of the service’s appeal is the apparent ease with which customers can sign up.CloudFlareclaims it takes just five minutes and simply requires that a customer change their domain’s DNS settings, without requiring additional hardware or software.

The company is currently seeking interest from businesses for an enterprise-grade service that it plans to launch soon.

Tags: DDoS attacks, distributed denial of service (DDoS), ddos, security, Lulzsec, cloudfare

Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Identity & Security Management

Identity and Security Management

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.