FIFA World Cup: the world’s biggest ever DoS?
Insiders are the biggest threat. We often hear that. But the world will soon be hit by the biggest Denial of Service attack yet seen. And it will stem from inside your firewall, not from outside. Welcome to the FIFA World Cup.
The problem, unless you make realistic arrangements right now, is that your network will be overwhelmed by surreptitious attempts to watch the football, online, live, at work. This will be a particular problem in the UK where the time zones have conspired to place many matches during the normal working day. And Capello has conspired to give us even more hope than usual. Your bandwidth will probably not cope.
“We did a bit of research,” explains Nigel Hawthorn, a VP at Blue Coat, “and asked IT managers whether users should have access to the World Cup. The majority said ‘no’. But at the same time, nearly 70% of the managers believe that users will watch it anyway.” The clear implication is that many people will watch the World Cup at work without any special arrangements.
“We have the potential for a real fire storm over the next few weeks,” continues Hawthorn, “where users might use iPlayer or ITV Player, or some of the other consolidators of streaming data, and try to get access to live streams on their network without understanding what it might do to the other applications and the day-to-day work of the business.” BBC iPlayer, he thinks, is so successful for people watching streaming video at home (and for insomniacs like me) that most people have no idea how much bandwidth it consumes. “Even with non-HD video, it’s 1.5Mb per second. It doesn’t take too many users to overwhelm or at least seriously impact the WAN bandwidth that companies have available. Users don’t understand the impact; and most companies don’t have the technology in place that would allow them to see that there are 100 requests from users but intelligently say, you know what, I can make one request upstream and split it out to all the users.”
Last week, Blue Coat set up a small demonstration of the problem. It used four PCs simultaneously watching BBC1 over a simulated WAN link rated at 2MB per second. “It was a total request for 6 Mb per second on a link that was rated for 2,” said Hawthorn. “So, no surprise, the video on all four was at best jerky and frequently froze. Then we put in a Blue Coat device to split the traffic, and lo and behold it all worked. On the LAN side you still have your 6 Mb per second, but on the WAN side it was only using 1.5.”
This is the solution: stream-splitting technology. Without it, 100 members of staff surreptitiously watching the World Cup will place a 150 MB per second demand on your WAN bandwidth.
But stream-splitting allows one stream request to be sent to multiple users at each location simultaneously. This greatly reduces the upstream bandwidth required by completely removing all the duplicated streams delivering the same content. The bandwidth savings are determined by the number of viewers of the same content (same stream, same source). For instance, one hundred simultaneous users can reduce upstream bandwidth consumption by 99%.
Hiding your head in the sand and waiting for the World Cup to go away is no solution. And the danger isn’t even limited to network failure. If you don’t make open arrangements for your users to be able to watch officially, some will inevitably seek out alternative methods. And some of these will inevitably succumb to the false codec scams that will proliferate by email, Facebook and Twitter. So do yourself a favour; let your staff watch the World Cup. But protect your network with stream-splitting technology.
“Networks will fail because of World Cup streaming,” says Hawthorn. “If it doesn’t happen, I’ll eat my replica shirt.”