Today’s DDoS Attacks: Separate Truth from Fiction
Distributed denial-of-service (DDoS) attacks are skyrocketing at an unprecedented rate. According to the VeriSign Distributed Denial of Service Trends Report, in fourth quarter of 2015, there was an 85% increase in DDoS attacks compared to 2014.1 Not only are they increasing in quantity, they are also increasing in complexity and in the severity of damage they inflict. Often DDoS attacks are tied to ransomware, hactivism, and nation-state to nation-state cyberwarfare. And, to top it off, repeat attacks against the same organization are also on the rise.
So if your network seems to be humming along just fine, and you think you couldn’t possibly be experiencing a distributed denial-of-service (DDoS) attack, think again. The latest DDoS attacks are much more difficult to detect than ever before. Knowing what you’re up against is the first step toward building a better DDoS defense.
Myth 1: DDoS attacks only occur on a large scale—with hundreds of gigabits.
Reality: The truth is most modern DDoS attacks are not large at all, averaging only between 30 to 40 Gbps. The issue is that they are often difficult-to-detect, low-and-slow application attacks or volumetric attacks, which use multiple systems or botnets to flood network layers with traffic. These attacks, which can easily be launched with minimal resources, can still create significant impact.
Myth 2: Our network or service is not down, so we’re not being attacked.
Reality: Unusually slow network performance is likely due to a DDoS attack. Sophisticated DDoS attacks are designed to strike simultaneously at any time, slowing down response times, which can result in decreased customer satisfaction—a big cause for concern.
Myth 3: DDoS attacks are really not so bad. No one will notice the difference, so I won’t worry about them.
Reality: Actually, they are worse than you might believe. The average downtime of a DDoS attack—which could include crashes, slowdowns, and denied customer access—is 17 hours and as long as 36 hours. All those hours translate to substantial lost revenue and diminished customer loyalty.
Myth 4: The best protection against multi-vector DDoS is cloud protection.
Reality: External cloud DDoS solutions work great for volumetric attacks, but not for application layer attacks. Your best bet for advanced multi-vector DDoS protection is a hybrid solution, which gives you complete control over data streams—with no delays—and reduces concerns about the safety of your critical data. In fact, 36% of participants in a recent IDG survey agree that a hybrid solution (on premises with a cloud bursting option) is the most effective solution for addressing DDoS threats.
Myth 5: DDoS is a network administration issue.
Reality: From a technical standpoint, that’s true. But, since DDoS attacks are by nature malicious and can potentially compromise an organization’s operations, security teams, including the CSO, need to join forces with the network IT team to mitigate, respond, and remediate. Overwhelmingly, 95% of IDG survey respondents confirmed that DDoS is a problem driven not by security teams and not by network teams.
Myth 6: I have a firewall and intrusion detection system (IDS), so I’m protected against DDoS.
Reality: Today’s complex DDoS attacks often leverage spoofed traffic that originates from multiple sources, and firewalls can’t scale up to handle that. Multi-vector DDoS attacks also quickly drain CPU resources of legacy devices, rendering firewalls and IDS ineffective. Today, firms must think about scalable solutions rather than simple firewalls because DDoS attacks have grown in volume and in sophistication (example: application layer attacks). This is confirmed by the IDG survey—respondents mentioned that they face all three types of DDoS attacks: network layer attacks (35%), volumetric attacks (34%), and application layer attacks (30%).
Myth 7: I don’t want to invest too much, so a “good-enough solution” will do the job.
Reality: The most dangerous multi-vector DDoS attacks include volumetric and application layer attacks, so a defense that only handles routine, easy-to-detect threats is not sufficient. To mitigate today’s and tomorrow’s DDoS attacks, you need an aggressive mitigation plan. Choose a proven, high-performance, and agile solution used by respected organizations that require immediate response and is supported by industry experts.
Prepare for the Future
When it comes to DDoS attacks, it pays to prepare for the future. You can expect that these threats will continue to evolve and become even more sophisticated and evasive. Incorporate A10 Thunder TPS (Threat Protection System) into your protection plan. Our advanced, always-on solution addresses the full spectrum of multi-vector DDoS attacks and blocks them before they can do harm.