Every business is susceptible to a distributed denial-of-service (DDoS) attack. This type of attack has long been favored by so-called hacktivists, groups who specifically take down a website as a sign of protest or political statement (Anonymous is one of the most well-known hacktivist groups). More recently, DDoS attacks are a favorite attack vector of cybercriminals who see DDoS as an inexpensive way to make money. They are also used as a distraction tool; as IT and security staff are focused on mitigating DDoS, the attackers sneak into inject malware or steal data unnoticed.
DDoS Impacts on Business
Organizations pay a big price for DDoS attacks. According to research conducted by Neustar Research, 43 percent of companies admitted to a revenue loss of at least $250,000 per hour at the peak of the attack. This can turn into millions of dollars in lost revenue as DDoS attacks grow larger and are sustained for longer periods of time.
Verisign’s DDoS Trends Report revealed that more than half of the DDoS attacks in the first quarter of 2017 peaked at an average of 14.1 Gbps (a 1 Gbps attack is enough to disrupt a network). Attacks are also lasting hours and happening repeatedly over a period of days.
Cybercriminals are also using DDoS attacks to extort money. The attackers demand a ransom paid in bitcoins, telling organizations that if they don’t pay up, their network will be taken offline.
Understanding DDoS Attacks
To better mitigate and prevent attacks, organizations need to know what they are dealing with. The following seven points provide a start to better understanding DDoS attacks.
Attacks are unpredictable. While the first quarter of 2017 saw very large and lengthy attacks, research from Akamai Technologies didn’t find any attacks over 100Gbps in Q2, despite attacks of that size in Q1.
Most are still small. The big, sustained attacks get all the news coverage, but the vast majority of attacks are low volume, according to recent findings from one network security provider reporting that eight in ten attacks were under 1 Gbps in size.
But they are persistent. As mentioned above, attacks might be small, but organizations are seeing attacks happening with greater frequency.
They rely on multi-vectors to confuse targets. The Neustar study found that multi-vector attacks – attacks that use a combination of volume, application, and protocol elements – have increased by more than 300 percent in 2016.
Volumetric attacks remain the most popular. Akamai found that 99 percent of the attacks in its Q2 2017 study were volumetric, or taking over high volumes of bandwidth.
Expect to see more application attacks. An Imperva study warned that attackers are more frequently going after business applications to launch DDoS attacks.
Botnets will lead attacks on IoT and mobile devices. The Mirai botnet, which involved malware-injected IoT devices and took down the Dyn DNS server, is thought to be just the beginning of these types of attacks utilizing popular devices.
Fighting DDoS Attacks
Unfortunately, DDoS attacks are among the most difficult cyberthreats to defend against because of targets’ difficulty differentiating between legitimate access and a flood of botnets. A solution like Fortinet’s FortiDDoS provides multi-layer protection and addresses the growing threats from IoT and mobile-based attacks.