Two separate surveys have revealed a disturbing trend as Distributed Denial of Service (DDoS) attacks increase in both frequency and severity. According to the Q4 2015 State of the Internet – Security Report from Akamai Technologies, DDoS attacks jumped 40 percent compared to the previous quarter and 149 percent compared to one year ago. Cybercriminals are also notoriously persistent, with each target being attacked an average of 24 times. The annual Worldwide Infrastructure Security Report from Arbor Networks found that the average DDoS attack size increased 20 percent to 500Gbps, while more than half of respondents said DDoS completely saturated their Internet connectivity.
A DDoS attack is an attempt to shut down or significantly disrupt a network, website or online operation by overwhelming it with traffic or data. DDoS attacks are typically carried out by botnets, which are networks of compromised devices that essentially form a remotely controlled army capable of building capacity and generating huge amounts of traffic or data requests. This enables attackers to crash or flood online services, resulting in poor performance or the inability of legitimate users to access network resources.
Botnets can be purchased inexpensively on the black market, making DDoS attacks relatively easy to execute. For example, a week-long attack that can shut down a small organization’s online operations can be bought for as little as $150.
The financial impact of a DDoS attack can be severe in terms of lost data, productivity and revenue. Imagine if you were unable to access the Internet, making it impossible to send or receive email. What if network slowdowns impacted your IP phone system, resulting in dropped calls or a busy signal when customers tried to reach you? A slow or unresponsive website that makes it difficult for customers to access information and services or make purchases can result in lost business.
A Kaspersky Lab report found that 31 percent of small businesses and 22 percent of large businesses suffer data loss due to a DDoS attack. Some botnets are capable of spreading malware, while others will demand a ransom to stop the attack. Clearly, the impact of a DDoS attack goes far beyond temporary downtime and service disruption.
Perhaps you’ll say to yourself, “I have a firewall and an intrusion prevention system, so I don’t have to worry about DDoS.” Unfortunately, the opposite is true. A DDoS attack can overwhelm many firewall and IPS connections, making your online operation even more vulnerable to a security breach. A single attack can consist of millions of valid requests, and older security tools would be unable to distinguish malicious users from legitimate users. Also, when firewall and IPS connections are exhausted, legitimate users will be unable to connect to the network.
Organizations need to have strategies and tools for monitoring their networks for attacks and responding swiftly and effectively. The faster you recognize the attack, the greater your chances of keeping damage to a minimum. Let SSD help you implement a holistic solution that can detect suspicious traffic, secure network connections and applications, and minimize the risk and impact of a DDoS attack.