Source: Whitehouse.gov.
I'll wager that when President Obama lobbied for health care reform, he didn't expect opposition from hackers. Yet that's what we're seeing. Late last month, they started pushing a new distributed denial of service, or DDoS, attack aimed at taking down the Healthcare.gov website.
Its name: Destroy Obama Care.
Hackers have made as many as 16 attempts at breaching Healthcare.gov in the time since, according to testimony from Roberta Stempfley, acting assistant secretary of the Department of Homeland Security's Office of Cybersecurity and Communications. They've yet to penetrate the site.
Stempfley's testimony before Congress. Sources: YouTube and U.S. House of Representatives Homeland Security Committee.
Scale may be why. Healthcare.gov, for all its faults, likely taps a huge network of on-site computers for processing horsepower, storage, and memory, among other things. The more scale a site has, the more traffic it can handle, and the harder it becomes for a DDoS attack such as "Destroy Obama Care" to work as intended.
In hosting its own massive infrastructure, the feds have demonstrated why it's so important to have one in the first place. Trouble is, only President Obama and a handful of his most senior advisors possess the full resources of the United States government. If we want scale for protecting our websites, we'll need to get it from those who already have it: cloud infrastructure suppliers.
Knock, knock, knocking on your digital door
Infonetics Research says the market for cloud-based security offerings will grow to $9.2 billion by 2017. And why not? DDoS attacks are unbearably common. According to security specialist Arbor Networks, various detection systems spot close to 3,000 attacks each day.
Political campaigns and causes are a typical target. For this reason, Google last month opened a portion of its infrastructure to sites serving humanitarian causes that may prove unpopular elsewhere.
Meanwhile, Akamai Technologies (AKAM 1.02%) has been positioning itself in this area since early 2012 when it introduced Kona Site Defender. The idea is to leverage the worldwide Akamai network as a distinct layer removed enough from corporate networks to keep DDoS attacks at bay. Akamai's Performance and Security revenue rose 19% in the third quarter, matching the company's second-quarter performance.
Radware (RDWR 0.76%), too, is cashing in on the trend with a series of devices for controlling and securing applications that live primarily in the cloud. Analysts at Needham recently upgraded the company's stock on the strength of its new Alteon NG, which the firm says is arriving ahead of schedule. The stock has lagged the market this year, up just about 1.5% to date.
Don't be surprised if more of Wall Street takes a kinder eye not only to Akamai and Radware but the entire sector. In March, a massive assault nearly destroyed European spam tracker Spamhaus. The onslaught involved untold numbers of machines banded together to deliver some 300 GB per second of bogus traffic. Attacks are getting fiercer by the day.
The Foolish takeaway
Even so, most DDoS attacks top out at 100 GB per second or much less, IT services firm GlobalDots says in this blog post. I'd put "Destroy Obama Care" on that list. A meaningful attack, certainly, but nowhere near powerful enough to tip over Google or any of the other major cloud computing suppliers, let alone the technology underpinnings of the U.S. government.
Yet the war isn't over. More attacks will come, and each one will be worse than the last. A race to stay ahead that, in my view, favors no one. Save for the arms dealers, of course.
