Staying clear of DDoS

By Bashar Bashaireh. Published September 13, 2013

Starting out as simple denial of service assaults launched from a single computer, DDoS attacks have evolved — with the proliferation of botnets — into one of the biggest threats on the security landscape. Verizon in its 2012 Data Breach Investigations Report called these attacks ‘more frightening than other threats, whether real or imagined’.

Research firm Stratecast in a recent study also found that DDoS attacks are increasing by 20% to 45% annually, with application-based DDoS attacks in particular growing by triple digits. Stratecast added that DDoS is one of the most prominent tools used by the hacker community, often as part of a multi-technique attack strategy.

Most recently, researchers have found that DDoS attacks are growing not just in terms of frequency, but in terms of bandwidth and duration as well.

A decade ago, for instance, 50Gbps attacks were seen a couple of times a year perhaps. Now, such attacks can happen nearly every week.

Attacks are also getting smarter because they are now more controlled. Rather than launching a scripted flood of data, attackers start an operation and can then adapt the type of attack or the target depending on the desired result.

DDoS attacks will continue to proliferate as more enterprises allow mobile devices onto their network. Fortinet’s own threat research group FortiGuard Labs has also found that mobile botnets like Zitmo have many of the same features and functionality as traditional PC botnets. FortiGuard Labs is predicting that in 2013 new forms of denial of service attacks that leverage both PC and mobile devices simultaneously will surface, and they come at tremendous cost.

In addition to lost revenue due to downtime, firms have to endure costs related to IT analysis and recovery, loss of worker output, financial penalties from broken service level agreements, and reputation damage to the brand.

The evolution of DDoS attacks highlights the urgency with which enterprises must adopt a security strategy to defend themselves. There are proactive steps organisations can take to bolster defences and reduce the risk of attack.

Instead of aiming for the complete removal of all DDoS traffic, an enterprise DDoS strategy should attempt to maintain services, especially critical services, with minimum disruption to the business. To that end, businesses can start by assessing the network environment and devising a response plan. Among other things, the plan should include backup and recovery efforts, additional surveillance, and ways to restore service as quickly and efficiently as possible. For proactive protection, the three key steps to follow are: the implementation of a multi-layer defence strategy, protection of DNS servers and other critical enterprise infrastructure, and maintenance of visibility and control of the enterprise IT infrastructure.
