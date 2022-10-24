It is critical for South Africans to protect their sites against distributed denial of service (DDoS) attacks to prevent the loss of meaningful traffic on their websites.

DDoS attacks on South African websites and applications have increased in the first half of 2022, according to a Netscout report.

“DDoS attack volume was significantly higher by the end of June when compared with 2H 2021,” it said.

Netscout’s data shows that South African websites and apps had suffered 113,487 DDoS attacks as of 1 July 2022, with the average attack lasting four minutes.

It found that the frequency of DDoS attacks on South African websites had decreased slightly toward the end of 2021.

However, Netscout said malicious actors have ramped up their attacks during the first half of 2022.

Netscout noted that the maximum bandwidth and throughput recorded reached 590Gbps and 54 million packets per second (Mpps).

The peak aggregate throughput in one minute reached 9,375Mpps, while the sum peak bandwidth of DDoS attacks in South Africa reached 83,034Gbps.

According to a Seacom report, the frequency of DDoS attacks in Africa increased by 300% in 2021, compared to the same period in 2019.

There are several different types of DDoS attacks, all of which aim to disrupt digital platforms, servers, and networks, making them unavailable to ordinary users.

Volumetric attacks aim to use up the target website or application’s bandwidth by overwhelming a network’s capacity with high traffic volumes.

These attacks lead to server congestion, ultimately causing the system to become unresponsive. Attackers may also use a DDoS to disable firewalls or other devices that monitor network traffic.

Application layer attacks are commonly used with volumetric attacks and aim to crash web servers with seemingly normal requests.

These attacks are considered extremely dangerous because they are hard to detect and mitigate. Application layer attacks can often go unnoticed.

Protocol DDoS attacks are low-volume attacks that happen over time, overwhelming servers and communication equipment such as load-balancers and firewalls.

These attacks are measured in packets per second and are designed to consume a network’s processing capacity to prevent regular traffic from reaching the site or application.

DDoS protection products are designed to proactively mitigate attacks by scrubbing traffic and blocking known attackers or malicious traffic.

Some of the best DDoS protection products and services available in South Africa are listed below.

Amazon CloudFront

Amazon describes its CloudFront system as a highly secure content delivery network that provides protection at both the network and application levels.

Its customers include Reuters, Slack, Hulu, and King, and all CloudFr0nt clients benefit from the automatic protections of AWS Shield Standard, at no additional charge.

Amazon says the product also provides traffic encryption and access controls, and the AWS Shield Standard offers bolstered defence against DDoS attacks.

Cloudflare DDoS protection

Cloudflare says its DDoS protection protects websites, applications, and networks from attacks while ensuring that legitimate traffic is not compromised.

The content delivery network and DDoS mitigation company’s network has a capacity of 155Tbps and was named a leader in the Forrester Wave DDoS Mitigation Solutions report for Q1 of 2021.

Cloudflare says its 155Tbps network blocks an average of 124 billion threats per day, including some of the largest DDoS attacks recorded.

Google Cloud Armor

Google’s Cloud Armor product is designed to protect applications and websites against denial of service and web attacks, with customers benefiting from DDoS protection and web application firewall solutions.

Google says Cloud Armor detects and mitigates attacks against Cloud Load Balancing workloads, leverages machine learning to help detect and block Layer 7 (application layer) DDoS attacks, and helps protect workloads on-premises or in the cloud.

It also features bot management which provides automated protection for your apps from bots.

Liquid Networks DDoS Secure

Liquid Intelligent Technologies launched its DDoS Secure product offering in September 2022, and it is designed to proactively mitigate attacks by scrubbing traffic and blocking known attackers or malicious traffic.

Attacks are mitigated through one of Liquid Intelligent Technologies’ four data centres located in South Africa, Kenya, France, and London, to remove any malicious traffic.

Liquid said its DDoS Secure product provides higher visibility of potential attacks, while automatically mitigating threats.

Seacom Business DDoS Protect

Seacom says its Business DDoS Protect software is backed by global threat intelligence and fully managed and automated.

It offers four product tiers — on-demand, bronze, silver, and gold — that provide varying levels of protection, from on-demand mitigation solutions to holistic protection that ensures businesses are prepared for any attacks.

Seacom provides real-time on-premises, in-cloud or hybrid prevention, mitigation, and reporting.

Vox Telecom Managed DDoS

Vox Telecom’s Managed DDoS service is based on the NetScout Arbor Product Suite and powered by Armata Cybersecurity.

The ISP says the service effectively detects and removes DDoS threats and mitigates attack vectors with multiple options, such as international or national scrubbing services.

It can also “blackhole” traffic by dropping bad results before they affect your links, meaning an attack can be stopped before it reaches the South African server.

Xneelo DDoS Mitigation services

Xneelo’s DDoS detection and mitigation system is deployed in its Cape Town and Samrand data centres and diverts DDoS attack traffic to a scrubbing server that can distinguish between valid and malicious traffic.

The service is fully automated and scrubs off malicious traffic while re-directing legitimate traffic back into the network. Xneelo says the victim’s IP is not affected during the DDoS attack.

Smaller DDoS attacks are scrubbed locally in the data centre by the mitigation system, and Xneelo diverts traffic to an international DDoS mitigation provider for larger attacks.

