Skip to main content
close search
site logo
Dive Brief

Netflix highlights risk of DDoS attacks, but at the application layer

Published Aug. 1, 2017
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Flickr user Jenny Cestnik

Dive Brief:

  • Netflix’s security engineer Scott Behrens ran a self-inflicted application distributed denial of service (DDoS) attack to showcase the possibility of an infiltration of Netflix's API — or any other organization's APIs — to cause a system failure from within, according to Wired.
  • Behrens reverse-engineered the application DDoS during a Chaos Kong study, which redirected active users to an available region during a mock AWS outage. Isolating the production area gave Behrens the opportunity to run the attacks without impacting active users. The test resulted in 80% API gateway errors, according to The Netflix Tech Blog.  
  • Application DDoS attacks account for less than 1% of DDoS attacks, according to The Netflix Tech Blog. But, Application DDoS in microservice architectures are a direct threat to the many branches that extend from within the Gateway API. Traditional DDoS attacks require little resources and simply overload a network causing a system failure and inaccessibility. 

Dive Insight:

Traditional DDoS attacks rose 380% in the first quarter of 2017. These attacks can thwart user access and therefore threat overall revenue. The increase in DDoS threats has heightened the Department of Homeland Security’s promotion of best protection practices.

Netflix is trying to showcase how advanced attack methodologies are surfacing, contributing to the current cyberattack madness. The mock application DDoS attack is a proactive measure Netflix is taking to ensure it can stay a step ahead of nefarious cyber actors. Through the Chaos Kong test, Behrens was effectively able to test an active environment and see how it could impact not only its users but its network requests.

The overall cost to launch DDoS attacks is minimal and this was imperative for Behrens experiment. The widespread use of an API gateway to a company’s microservices architecture results in cheap hacking initiatives but mass hysteria for a company. Behrens’ goal in reverse-engineering this kind of internal attack is creating cyber tools to protect companies from hacking and thus raising the cost of the overall hacks.

Cyberattacks are evolving and Netflix is taking the risks into account. Hackers are utilizing vulnerable resources and companies like Netflix are working to ensure those resources are unavailable. 

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
truCX Launches Groundbreaking Partner Portal, Empowering CX Consultants and Trusted Advisors w…
From truCX
October 30, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Celonis AgentC: Making AI Agents Work for the Enterprise with Process Intelligence
From Celonis
October 23, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell