Every business can benefit from optimizing and protecting its application servers, DNS zones, and network infrastructure. Constantly evolving cyber threats and increasing internet traffic make staying one step ahead of malicious actors challenging. From handling increases in Domain Name System (DNS) requests to mitigating waves of Distributed Denial-of-Service (DDoS) attacks to protecting vulnerable web applications—it’s a lot for any business to manage. That’s where Vercara comes in.
To help security, DNS, and network operations teams stay informed, Vercara’s Cyber Threat Intelligence Team publishes monthly reports on the analysis from our core solutions: UltraDNS, UltraDoS, and UltraWAF. These reports explore how Vercara’s advanced solutions enhance security, offer comprehensive protection, and ensure operational resilience against sophisticated cyber threats.
Enhanced security and proactive threat mitigation.
Maintaining the confidentiality, integrity, and availability of internet-facing applications and infrastructure is essential in a digital economy, which can make it challenging for IT and security teams to minimize disruption from attacks. Our May reports show that Vercara was successful in detecting and mitigating a wide range of attacks, and some of the trends we observed point to distinct shifts in the threat landscape.
DNS query statistics.
Modern websites are inundated with traffic with some sites receiving billions of visits daily. DNS is the backbone of internet navigation, translating human-readable domain names into IP addresses of destination websites. Timely and accurate resolution of names on authoritative DNS servers is crucial to uptime but also user experience.
In May 2024 alone, UltraDNS processed over 3.9 trillion DNS queries, an increase of over 6% compared to April. We also observed an incremental shift toward IPv6 month-over-month. May had 7.11 billion IPv6 queries, a 1.53% increase compared to April. The shift toward IPv6 shows that more browsers are defaulting to asking for IPv6 DNS records, and IPv6 is going to overtake IPv4 in the future.
DDoS protection.
DDoS attacks involve malicious actors flooding networks with traffic, causing slowdowns or crashes akin to digital traffic jams, preventing users from accessing a website or service.
In May 2024, UltraDDoS Protect effectively mitigated 14,594 DDoS attacks, a 91.77% increase from April and the largest number of attacks seen this year. The Financial Services industry was the second most targeted industry; however, attacks increased by 55.16% compared to April, primarily due to hacktivism driven by geopolitical conflicts.
May also saw the largest carpet bomb DDoS of the year, consisting of 3,049 small DDoS waves that lasted around 2 hours and 30 minutes. Carpet bomb DDoS attacks continually change the targeted IP addresses within a network block and/or attack vectors, which makes them challenging to detect and mitigate.
WAF defense.
Web applications are the front doors to a business, whether it’s an eCommerce site, online banking, or a streaming service. Once compromised, malicious actors can access the underlying data within a website or pivot to access other infrastructures within a network. Web Application Firewalls (WAFs) act like checkpoints; they sit in front of a web application to scrutinize every request and block malicious transactions.
In May 2024, UltraWAF processed over 1.05 billion web requests, 49.03% of which were identified as malicious, though this represented a decline from April. In direct contrast, bot traffic surged, accounting for 1.1% of all web traffic and increasing 21.01% from April.
Comprehensive insights and reporting for better decision-making.
Prioritization is essential to defend your business against evolving cyber threats. Vercara’s reports provide comprehensive insights into attack patterns and trends, which can help improve decision-making for the security and IT teams.
DNS trends and statistics.
Our DNS report is a statistical, high-level look at internet traffic. These insights allow security teams to understand the evolving nature of the DNS landscape and adjust their strategies accordingly.
UltraDNS processes traffic globally, and our analysis has revealed a slow but steadily increasing adoption of IPv6 records and HTTPs records, both of which indicate an increasing emphasis on expanded web infrastructure and secure web communication. To prepare for the inevitable transition from IPv4, businesses should have an “AAAA” or “quad-A” record. When in doubt, customers can review the information in their DNS portal and see how their specific stats align with global trends UltraDNS is processing.
DDoS attack analysis.
When businesses don’t have DDoS protection, they may face sustained outages. To mitigate attacks, they often are forced to page out to security personnel or a third party mitigation provider, potentially incurring extra cost and reduced response effectiveness if the attack occurred after hours.
Instead of multi-hour outages, businesses that use UltraDDoS Protect may still be attacked, but ultimately, we take the brunt of the attack and restore service. Customers can access their DDoS portal to review the attacks absorbed without any degradation of their service. The breadth and severity of attacks that UltraDDoS Protect mitigates shows the solution’s capacity to handle large-scale, complex DDoS attacks. It’s like a bulletproof vest for your business.
WAF attack data.
Analysis of web traffic and attack categories gives security teams a clear picture of the threats to their web applications and what methods malicious actors are using.
For example, suppose a web application is not programmed to sanitize input. In that case, malicious actors can use SQL injections to forcibly query the application’s database and gain access to underlying account details, including usernames and password information (usually password hashes). Security teams need to understand the prevalence of these attacks and how using a WAF can help mitigate these kinds of threats.
Improved resilience and operational continuity.
By leveraging Vercara’s DNS, DDoS, and WAF solutions, organizations can build a robust and resilient security posture that ensures the continued availability, integrity, and resilience of their digital assets.
Seamless DNS operations.
Availability and performance under a large number of queries is king when it comes to DNS zones. The UltraDNS platform maintains high availability and performance, handling a massive volume of queries with minimal errors. UltraDNS is built to withstand DDoS attacks meant to disrupt DNS availability, providing organizations with an added layer of protection.
DDoS mitigation.
UltraDDoS Protect repeatedly demonstrates its capability to handle high-volume attacks, providing protection across 15 Points of Presence (PoPs) and 15Tbps of DDoS mitigation capacity and monitored by the Vercara Security Operations Center (SOC). The solution’s ability to mitigate attacks helps ensure businesses remain available during DDoS incidents, and its effectiveness in handling multivector attacks further enhances operational resilience and ensures minimal disruptions to service.
Web application protection.
UltraWAF defends against various web attacks, helping maintain the integrity and performance of customer web applications, which allows security teams to mitigate or remove underlying threats. Reducing malicious traffic and bot activities also contributes to a smoother user experience.
Bundled protection.
UltraSecure offers bundled protection for small businesses. With UltraSecure, we protect the different layers of your network. DDoS protection covers the “pipes”—bandwidth, routers, and switches— while WAF protects web applications. Both products work in tandem to protect against “layer 7 DDoS attacks,” which target web applications.
Stay ahead of cyber threats with Vercara UltraDNS, UltraDDoS, and UltraWAF.
The best security posture layers together defenses that work in tandem to ensure businesses remain operational and spend less money on recovery efforts. By integrating Vercara’s DNS, DDoS, and WAF solutions into their security stack, businesses gain advanced security capabilities, valuable insights for informed decision-making, and improved resilience against cyber threats, ensuring the continuity and reliability of their digital operations.
To learn how Vercara’s suite of solutions can help defend your organization, contact our sales team.
