“Measures that ought to have been in place to prevent these denial-of-service attacks interfering with access to the website were not put in place. That was a failure that was compounded…”– Australian Prime Minister Malcolm Turnbull
“Mr. Turnbull was commenting on the DDoS attacks that brought down the Australian Online Census website. He went on to describe the attacks as “completely predictable.” And he is right.
Web Applications are under more threat now than ever. Attackers have easy access to applications that can launch complex attacks on thousands of sites at the click of a mouse. These applications are supported by organised groups that even offer voice and chat support. This proliferation of “applications of mass destruction” points to one significant fact –Everyone Is A Target.
In the case of the Australian Census website, there are indications that a ransom note was disregarded. To protect from DDoS attacks, there were only two protections – a Geo-IP block, and standard firewalls. The attacker got around the geo-ip block by simply sending traffic from within the country. Eventually, the firewalls failed, and the website was taken down to prevent data exfiltration from the unprotected site.
Attacks are launched for many reasons – for ransom, to host malware applications…or simply for fun. They succeed in many cases because organisations do not understand the need for a web application firewall, or because they put web security off due to perceived complexity. A WAF is now an absolute necessity for web applications – especially given the sensitivity of the functions provide and the data they host. Any loss of access or data can lead to serious consequences.
Securing your web, mobile and API applications against application layer attacks need not be complex. The Barracuda Web Application Firewall is an award winning Web Application Firewall that is easy to deploy and configure. The Barracuda Web Application Firewall is available on every platform – Hardware, Virtual and Cloud – and provides complete security against application attacks.
To learn more about the Barracuda Web Application Firewall and how it protects your web, mobile and API applications, please refer to these whitepapers:
- Barracuda Web Application Firewall secures your website against the Top 10 Threats.
- Defending against Application-based DDoS Attacks with the Barracuda Web Application Firewall
- Secure your Mobile and IoT applications using the Barracuda Web Application Firewall
Tushar Richabadas is a Product Manager for the Barracuda Web Application Firewall team in our India office. You can connect with him on LinkedIn here.
Tushar Richabadas est Senior Product Marketing Manager, Applications and Cloud Security chez Barracuda. Auparavant, il était responsable des produits Web Application Firewall et Load Balancer ADC de Barracuda, et son travail portait plus particulièrement sur le cloud et l'automatisation. Tushar possède une expérience très variée, allant de la gestion des équipes chargées de tester les produits de mise en réseau, à la gestion du marketing technique chez HCL-Cisco. Il suit de près l'évolution rapide de la sécurité numérique et a à cœur de simplifier les choses pour tous dans ce domaine.