Cloud security protection for your apps and network

Organizations around the world rely on apps to connect with customers, business partners, suppliers and staff. To accelerate their digital transformation journey, organizations are focusing more on building and improving apps. As development and production environments are more elastic than ever and cloud security comes second to rapid application delivery, the application attack surface has expanded, with vulnerabilities appearing to correlate with complexity.

Radware’s Application Security Report indicates that 98% of respondents experienced attacks against their applications. Eighty-nine percent experienced outages due to DDoS attacks targeting their web applications, impacting their customer experience and revenue. Managing bot traffic is also a challenge, with 82% of respondents reporting bot attacks. Despite the availability of dedicated solutions to detect and repel illegitimate bot activity, only a quarter of organizations surveyed use them. Organizations need to ensure that their security solution provider is capable of defending their applications and network.

What happens to companies without adequate protection?

Politically motivated attacks have targeted one EMEA postal service for years. It experiences thousands of attacks daily, ranging from app and bot attacks to network and public cloud attacks. The organization’s IT department was overwhelmed and unable to defend against these attacks, resulting in customer dissatisfaction and lost revenue. The Postal Service turned to Radware for help.


CHALLENGES

The Postal Service had to overcome challenges to deliver a positive user experience and retain revenue. Bot requests started overloading the package tracking service. Bad bot traffic from third-party apps was abusing the API to track package delivery.

Then the Postal Service suffered bot scraping attacks on its premium services for business and consumer address requests. The scraping bot exposed this information for free on the web, which reduced the service’s revenue.

Figure 1. Malicious bot events per day

In another attack, hackers tested the government entity’s defenses by sending low-volume (4-5 Gbps) DDoS attacks against its network. These short-lived DDoS attacks caused excessive loads on the Postal Service’s network and its stressed package tracking application. DDoS attacks impacted the package tracking API, so users were unable to track the delivery of their packages.

Figure 2. Burst attacks displayed in purple

The Postal Service needed to keep APIs and applications available and distinguish legitimate bot traffic from malicious bot traffic. The Postal Service’s IT team attempted to reduce bot and DDoS attacks through geo-blocking and service reduction. Unfortunately, this also limited service availability for customers, leading to a negative user experience and customer dissatisfaction.

The Postal Service’s website, which the entity depends on to process millions of transactions a day, was also attacked. Users were unable to access the postal website, and the organization noticed a significant increase in network traffic. Its website was targeted by Layer 7 (L7) application attacks, primarily SQL injections (73%).


SOLUTIONS

To stop bot attacks on the package tracking API and bot scraping of its address request service, the Postal Service tested and purchased Radware’s Bot Manager. After blocking malicious traffic, overall network traffic was reduced by 40% and transactions were reduced by 50%. The Postal Service was able to provide customers with a better online experience while reducing bandwidth costs and web server computing resources.

The Postal Service also needed a more efficient way to handle the daily attacks on L7 applications and data centers that overwhelmed its IT team. The organization chose to move from Radware’s on-premises WAF service to Radware’s fully managed Cloud WAF service. The Cloud WAF comes with Radware’s Managed Cloud DDoS Protection Service to help the organization manage exploratory DDoS attacks and future DDoS exploits.

GO TO THE CLOUD

The Postal Service wanted to move applications to Microsoft Azure to realize agility and flexibility in application development and deployment. However, it wanted to secure its proprietary assets in the cloud, where attackers could gain access to its valuable data through the cloud provider. The Postal Service also needed visibility into its assets to remotely manage the risk of exposure of its cloud applications and data.

Radware’s Cloud Native Protector could help the Postal Service analyze potential risks and give it the visibility it needs to manage its cloud assets. After a successful proof of concept and installation, the Postal Service learned that part of its cloud data storage had been exposed. The Postal Service uses Cloud Native Protector to secure its data assets and also uses the service to control excessive permissions to applications.

When evaluating security solutions, be sure to ask the following questions of the vendor whose solutions you are evaluating:

  1. Can you ensure business continuity in the event of an attack?
  2. What attacks does your solution defend against?
  3. Do you use behavioral learning algorithms to establish “legitimate” traffic patterns?
  4. How do you distinguish between good and bad traffic?
