CASE STUDY: DDOS PROTECTION

Pharmacy IT service provider awinta protects its customers’ online shops from cyber attacks

themen-cs-ddos

The initial situation

With an extensive portfolio, the IT service provider awinta GmbH offers a wide range of complete solutions for pharmacies and pharmacy cooperatives, from on-site installed merchandise management systems to online shops in the awinta data centre, as well as an interlinking of both areas. awinta’s customer base includes around 7,000 pharmacies, making the company the market leader in Germany.

awinta operates its largest data centre in Frankfurt am Main, which is close to the DE-CIX internet hub, so that it can offer customers a fast internet connection. Via the online shop infrastructure, which is used by a mid-three-digit number of pharmacies, awinta currently processes order transactions each year in the double-digit million range. The number of visitors to the shops is in the three-digit million range per year.

 

The challenge

Many online shops operated by pharmacies received an extortion letter from the hacker group Gladius in February 2016. “You have probably already noticed that we have attacked the infrastructure of your online shop” the hackers wrote. “You have 72 hours to pay a non-attack fee of EUR 1,500. Otherwise, the attacks will be extended.” Just like other competitor, several online pharmacy shops in the awinta data centre were also affected by this wave of DDoS attacks. “However, it didn’t stop there” reports Christian Netzer, Head of Network and System Administration at awinta’s Mannheim site. “In the following weeks, we had to deal with a total of ten waves of attacks, which not only led to the affected online shops being paralysed for hours at a time, but also the entire data centre.”

At that time, the awinta data centre only had basic DDoS protection. For this, a procedure referred to as “black holing” – and which is also known as zero routing – was used. In this process, all traffic to the IP address targeted by the DDoS attack is “routed into a black hole”. The problem with this approach: it cannot distinguish between “good” and “malicious” traffic, thereby rendering the DDoS attack a success. In order to be able to specifically fend off DDoS attacks against individual online shops and, at the same time, effectively shield the entire data centre, awinta was looking for an improved solution.

 

The solutions

The objectives

With this solution, awinta was pursuing several objectives:

  • Comprehensive DDoS protection: Optimal protection of the individual online pharmacy shops should increase the overall protection level of the data centre.

  • Fast and efficient defence: The fast detection of cyber attacks combined with a speedy defence should ensure maximum availability.

  • Secure online shop revenues: Improved protection and higher availability should secure the sales of the individual online shops and reduce outages.

The solutions

Akamai Prolexic Routed

The key advantages

  • “Time-To-Mitigate” Service Level Agreements on defence time

  • Globally distributed scrubbing network fends off attacks before they reach the data centre of awinta GmbH

  • Online shops and data centre remain available, even during DDoS attacks

Why Akamai + G&L?

Immediately after the first wave of DDoS attacks began in February 2016, Mr Netzer contacted Akamai via an emergency number on their website. Technicians quickly presented a proposed solution, which Mr Netzer compared with competitors’ offers, before deciding on Akamai Prolexic Routed without a moment’s hesitation. “The technical solution is the best fit for us. It gives us complete protection for the entire data centre, which thus remains available, even in the event of cyber attacks. With other offers, we would have had to protect each online shop individually.”

In addition to Akamai, the Cologne-based Akamai partner G&L Geißendörfer & Leschinsky GmbH was involved as a consultant in the planning, design and all contractual issues regarding the cloud security solution during the implementation phase. G&L was also the contact for awinta GmbH after the solution went live.

“With the all-round protection afforded by Akamai Prolexic Routed, we are able to secure all online pharmacy shops running on our platform, as well as the entire data centre.”

Christian Netzer, Head of Network and System Administration at awinta GmbH

Fast and reliable defence against attacks

For awinta GmbH, the Time-To-Mitigate Service Level Agreements for the detection and defence of attacks played an important role in the decision in favour of Akamai. Depending on the type of attack, they regulate how quickly an attack is defended against. This does not comprise a purely automatic defence against an attack, but rather the involvement of technicians in a security operation centre who can investigate the attack and take additional measures if necessary.

“We were able to see for ourselves the efficiency of the fast and reliable defence against DDoS attacks on online pharmacies in January 2017” reports Mr Netzer. “The attacks were directed against nine shops, Akamai recognised this and was able to fend off the attacks within a short period of time. Our solution has thus already proven itself in practice.”

Scrubbing centres distributed worldwide

Akamai Prolexic Routed routes all traffic from awinta GmbH through Akamai’s globally distributed scrubbing centres. There, the network traffic is examined for potential DDoS attack vectors, the detected attack traffic is stopped and only the harmless traffic is forwarded to the awinta data centre. Due to the worldwide distribution of the scrubbing centres, attack traffic coming from the USA or the Asia-Pacific region, for example, is detected and blocked there.

The company

awinta GmbH

http://www.awinta.de/

Sector: Healthcare, specialised in pharmacies

About awinta GmbH: With around 7,000 customers to serve, awinta GmbH is the market leader for pharmacy software in the German healthcare market. The awinta range of products and services offers the right solution for every pharmacy or pharmacy cooperation. Since 2015, ASYS products have expanded the portfolio of awinta GmbH in the area of online merchandise management. The products and services of awinta GmbH stand for innovation, service and security. The focus of development is always on the needs of the market. The company’s ambition is to continue to expand its innovation leadership role in the future and thus to offer pharmacists merchandise management systems that optimally map the daily workflow, as well as the health policy-related framework conditions. Awards such as “Best IT Partner 2017” for the fourth time in a row speak for themselves. awinta GmbH is a company of the NOVENTI Group.

 

Bietigheim-Bissingen, Germany