Intensity of DDoS attacks grew by nearly 15 million percent at the end of 2014
The largest number of attacks directed at NTP and DNS servers, the lowest number at mobile infrastructure
T-Mobile eliminated all dangerous attacks through a “DDos washing machine”
In 2014, T-Mobile’s network infrastructure was exposed on average to 120 DDos attacks per month. The intensity of such attacks increased significantly in comparison with the previous year. The operator recorded the highest increase in the last quarter of the year, when at their highest the total number of attacks on some of its servers exceeded the usual data traffic by a factor of more than one hundred thousand.
As a means of protection against DDoS attacks, T-Mobile uses the Arbor system, which is informally called the “DDos washing machine”. This system can reliably differentiate an attack from a legitimate request and eliminate it. Thanks to that, the massive increase of intensity equating to an upsurge of 15 million percent as compared with normal data traffic did not cause any outages and was not perceived by customers.
The largest number of attacks were directed at NTP and DNS servers. Interestingly, the operator also recorded relatively frequent attacks against gaming servers and particular players (to gain an unfair gaming advantage). In terms of intensity of attacks, mobile networks seem to be more resilient – the reason being that customer addresses are usually translated in these networks (NAT), and therefore are invisible to perpetrators from the outside.
T-Mobile considers data security (whether the security of customer data or of its own network infrastructure) to be extremely important and has therefore been continuously strengthening and improving its competencies in this area. In the past three years, the operator invested more than CZK 50 million in modernisation and improvement of security elements including, among other things, protection against malware, incident monitoring and internal network security. The largest portion of this amount was spent on T-Mobile’s new Security Operation Centre (SOC).
The security elements of T-Mobile’s network infrastructure (such as Anti-DDoS, Firewall, intrusion prevention systems (IPS), intrusion detection systems (IDS), etc.) and protection of customer data are integrated via SOC in the 24/7 monitoring regime throughout the year. Moreover, security incidents are handled by a well-trained team, which receives additional telephone support form other experts. This allows the operator to respond to attacks and application vulnerabilities significantly faster than in the past. The responsibilities of the SOC team also include informing customers of potential security risks – last year, the team sent hundreds of botnet and “suspicious communication” alerts to them.
T-Mobile Czech Republic, a member of the international telecommunications group Deutsche Telekom, has almost 6.2 million customers, the number-one operator in the Czech market. T-Mobile is an integrated operator: in addition to telecommunications services, it offers comprehensive ICT solutions not only for companies, but also for other organizations and individuals. It provides outstanding services in the high-speed network, which was proved repeatedly by benchmark testing performed by umlaut (former P3) with Best-in-Test seal.
T-Mobile Czech Republic places emphasis on taking a responsible approach to the environment and society. It adheres to fair business practices, helps beneficial applications and services to see the light of day, supports non-profit organizations, small businesses and individuals, and lends a helping hand whenever crisis situations arise. The company’s employees serve as volunteers in many places across the entire Czech Republic.
More information about the company is available at www.t-mobile.cz, www.t-press.cz (the portal for journalists) and www.t-mobile.cz/pomahame (information on the company’s CSR activities).
Contact details of the press unit: press@t-press.cz.