DDoS is still a threat and it matters how you handle it
Despite greater awareness of and preparation for distributed denial-of-service (DDoS) attacks, the overall trend of DDoS attacks is not diminishing. If anything, they are gaining more attention from companies and personnel who have personally experienced these threats.
IDC, a global provider of IT market intelligence, has released the results of a U.S. DDoS Prevention Survey. It surveyed C-level and senior-level IT staff in organizations with more than 500 employees. The survey revealed that 53% of the organizations surveyed had been the victims of DDoS attacks in the past 12 months.
Shift to more sophisticated attacks
Denial-of-service attacks have been around for decades. They are not particularly sophisticated, at least by the standards of the most recent cyberattacks. However, DDoS attacks remain a popular go-to method for hackers, revenge seekers, and script kiddies alike.
DDoS attacks are traditionally volumetric. The attack degrades a target's services by flooding it with botnet-driven requests. The botnet attacks the service from multiple sources, which is why DDoS attacks are "distributed". Volumetric attacks account for more than 50% of all DDoS attacks currently in progress.
There has been a shift in the last few years to more sophisticated DDoS attack techniques. Research has shown that multi-vector DDoS attacks have increased dramatically. These attacks shift the type and vector of the DDoS. For example, an attack may start with a flood of SYN packet requests from multiple sources (a botnet) that each leave a partially open socket and rapidly consume bandwidth, then quickly shift to an application-layer DDoS attack that exhausts network resources. Multi-vector DDoS attacks are effectively a misdirection play. They require a specific defense strategy, which may not be in place, or front of mind, for every cyber defense team. TCP State Exhaustion attacks are another modern DDoS attack. These attacks target a particular server or group of servers, and attempt to occupy and overwhelm all connections. Application-level DDoS attacks exploit weaknesses in applications to consume CPU cycles, processing power, and other resources.
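Added example (not from the original article): a small detector that reads socket-state snapshots in `ss -tan` column layout, labels each one as a SYN flood or TCP state exhaustion, and reports when one vector replaces the other. The thresholds, addresses and snapshots are constructed assumptions; an application-layer vector would need request logs, which a socket table does not show.

```python
from collections import Counter

# Assumed thresholds for this example; derive real ones from the server's
# SYN backlog and connection limits.
HALF_OPEN_LIMIT = 4   # SYN-RECV sockets tolerated per snapshot
ESTAB_LIMIT = 5       # established connections tolerated per snapshot

def make_snapshot(half_open, established):
    """Build constructed sample data in `ss -tan` column layout."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port"]
    rows += [f"SYN-RECV 0 0 192.0.2.10:443 198.51.100.{i}:{40000 + i}"
             for i in range(half_open)]
    rows += [f"ESTAB 0 0 192.0.2.10:443 203.0.113.{i}:{50000 + i}"
             for i in range(established)]
    return "\n".join(rows)

def classify(snapshot):
    """Return (label, distinct source IPs behind that label) for one snapshot."""
    states, sources = Counter(), {}
    for line in snapshot.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # header or malformed line
        state, peer_ip = fields[0], fields[4].rsplit(":", 1)[0]
        states[state] += 1
        sources.setdefault(state, set()).add(peer_ip)
    if states["SYN-RECV"] > HALF_OPEN_LIMIT:
        return "syn_flood", len(sources["SYN-RECV"])
    if states["ESTAB"] > ESTAB_LIMIT:
        return "state_exhaustion", len(sources["ESTAB"])
    return "normal", 0

def detect_vector_shifts(snapshots):
    """List (index, previous, current) where one attack label replaces another."""
    labels = [classify(s)[0] for s in snapshots]
    return [(i, labels[i - 1], labels[i]) for i in range(1, len(labels))
            if "normal" not in (labels[i - 1], labels[i])
            and labels[i] != labels[i - 1]]

if __name__ == "__main__":
    timeline = [make_snapshot(1, 3), make_snapshot(8, 2), make_snapshot(1, 9)]
    for i, snap in enumerate(timeline):
        print(i, classify(snap))
    print("vector shifts:", detect_vector_shifts(timeline))
```

A high count of distinct sources behind a label is the "distributed" signal; a shift reported between consecutive snapshots is the cue to check that mitigation for the first vector is not masking the second.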
How organizations tackle the DDoS problem
Most organizations that are large or have sensitive vulnerabilities have dealt with this type of security using point products and in-house security methods. The IDC survey revealed that many organizations are now turning to other methods to address DDoS issues. There are many areas in cybersecurity that should keep you awake at night. However, if your revenue depends on your services, then having them denied effectively nullifies the reason to have them. Organizations have many options as part of the progressive anti-DDoS move away from product-based concepts and toward shifting the work and management effort to a third party.
According to the latest information, organizations are turning to cloud providers, managed security service providers (MSSPs), and other security vendors to help them combat DDoS attacks. A hybrid solution seems to be the best way to combat multi-vector DDoS attacks.
Infrastructure-related
One of the best defenses for mitigating DDoS attacks is infrastructure-related. A scalable network with robust features is essential for proper defense. It must have enough bandwidth to allow redirection and "scrubbing" while still allowing business operations to continue uninterrupted. Cloud service providers often provide expertly designed services.