Enhance reliability through robust security

Use security controls and design patterns to stop attacks and bugs from overloading the system or locking people out.

This approach helps keep the system up and running, even if someone tries to take it down with something like a distributed denial of service (DDoS) attack.

Contoso’s challenge

  • The workload team and the workload’s stakeholders know that this system must be extremely reliable because hotel guests rely on it for both business and leisure travel. If it goes down, hotels can’t run properly.
  • The team has put a lot of effort into testing functional and nonfunctional requirements to make sure the system works well and stays operational, including using safe ways to roll out updates.
  • They’ve focused on keeping things reliable, but they haven’t paid as much attention to security. A recent update had a bug that hackers took advantage of, crashing the system for several hotels. The attack overloaded servers in one region for over four hours, causing major problems for guests and staff.
  • The attacker used the app’s servers to sneak in requests to a regional storage system and pull up fake folio data. One of those fake folios was huge and caused the servers to run out of memory. When users then retried their requests, the problem spread to all the servers.

Applying the approach and outcomes

  • The team changed the design so the app servers no longer handle folio requests directly. Instead, they’re using a Valet Key approach to limit access. This approach wouldn’t have stopped the attack completely, but it would have kept the damage contained.
  • They also added better input checks to clean up anything suspicious before it reaches the system.
  • With stronger input filtering and a smarter design, they’ve reduced the risk of this kind of attack happening again.
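
The Valet Key approach described above, sketched as an added example (not Contoso's code and not the Azure SAS format): the app server only signs a short-lived, read-only grant for one folio, and the storage side checks that grant, so the folio body never passes through app server memory. The key, the `folios/` prefix, the token fields and the function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import time

SIGNING_KEY = b"constructed-demo-key"  # constructed; a real key lives in a secret store
MAX_TTL_SECONDS = 300                  # assumption: grants last at most five minutes


def _sign(perm, path, expires):
    # Signature covers permission, path and expiry, so none can be altered.
    msg = f"{perm}\n{path}\n{expires}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def issue_valet_key(folio_path, ttl, now=None):
    """App server side: grant read-only access to one folio, never the data itself."""
    if not folio_path.startswith("folios/") or ".." in folio_path:
        raise ValueError("path outside the folio container")
    if not 0 < ttl <= MAX_TTL_SECONDS:
        raise ValueError("ttl out of range")
    expires = int((time.time() if now is None else now) + ttl)
    return {"path": folio_path, "perm": "r", "exp": expires,
            "sig": _sign("r", folio_path, expires)}


def storage_accepts(token, requested_path, operation, now=None):
    """Storage side: verify the signature, then scope, permission and expiry."""
    expected = _sign(token["perm"], token["path"], token["exp"])
    if not hmac.compare_digest(expected, token["sig"]):
        return False  # forged or modified grant
    if requested_path != token["path"] or operation != token["perm"]:
        return False  # grant is for a different folio or operation
    return (time.time() if now is None else now) < token["exp"]
```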

Proactively limit attack vectors

Set up controls ahead of time to block common ways that attackers try to break in, like bugs in your code, weak network setups, or missing antivirus.

Regularly scan your code, install security updates, keep software current, and run antivirus tools. These practices help reduce the ways that attackers can get in, and they help keep things running smoothly.

Contoso’s challenge

  • The system runs on Azure VMs (virtual machines) that use the latest Ubuntu images from Azure Marketplace. When each VM starts up, it installs some certificates, adjusts a few SSH settings, and loads the app code. But it doesn’t use any antivirus or anti-malware tools.
  • Azure Application Gateway fronts the solution, but it’s only used as an internet gateway. The web application firewall (WAF) function isn’t enabled currently.
  • These choices leave the system exposed to potential risks, like vulnerabilities in the code or accidental malware installs.

Applying the approach and outcomes

  • After talking with the security team in Contoso, the VMs are now enrolled in an enterprise-managed antivirus solution.
  • The team also enables and fine-tunes the WAF function to block risky traffic, like SQL injection attempts, before it even reaches the app.
  • Both the app and its platform now have stronger layered defenses to help keep the system stable and secure.
