Sudden spike in traffic, calls or slow response could be a sign of botnet attack.
What is a botnet attack? Anything unusual like a sudden increase in requests / calls or delays in responses from one service due to heavy traffic to only that service can be a sign of botnet attacks. A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them. Cyber criminals use botnets to instigate botnet attacks, which include malicious activities such as credentials leaks, unauthorized access, data theft and DDoS (Distributed Denial of Service) attacks.
What can be done? While our cloud environment is configured with several intelligent agents to detect and prevent a potential botnet attack at network layers, what you could do is simply enable a feature available within cidaas to prevent or make it more challenging for bots to percolate.
This feature is called Bot Detection CAPTCHAs. CAPTCHA stands for Completely Automated Public Turing test to tell computers and humans apart. In other words, CAPTCHA determines whether the user is real or a robot. CAPTCHAs stretch or manipulate letters, numbers and symbols and rely on human ability to determine which symbols they actually are. CAPTCHAs also help prevent bots from doing form submissions, executing logins and accessing sensitive pages or processes.
How is this setting configured?
- Go to cidaas Dashboard ->Apps -> Edit Selected App -> Advanced Settings -> Bot Captcha -> Enable
Please note that here we are referring specifically to enabling the Bot Detection captcha under advance settings on the cidaas dashboard where there is both an option for regular captcha settings as well as bot detection captchas. Enabling the latter setting ensures that your applications remain protected from any such attacks.