This paper examines the changing DDoS landscape. Many organizations have aging DDoS protection devices as part of their infrastructure. Today’s advanced attackers are utilizing a host of advanced attack methods that require defenses geared to utilize a host of protection techniques in order to defend against attacks. The first DDoS attack to reach over 1 Tbps by leveraging IoT devices happened not long ago. Using IoT devices allowed attackers to demonstrate the dangerous potential of devices that were open to the Internet but not well maintained. IDC believes these kinds of attacks will continue as well as attacks that leverage other vectors in order to disrupt business critical services.
The DDoS Landscape has changed significantly in the last 3 years. Beginning with Spamhaus and following on from the current IoT threat have heralded in a new era of attacks and a need for new defenses. Organizations can no longer rely on DDoS protection designed to stop a single attack vector. Defenses must be layered and protect the organization from both internal and external attacks as well as attacks against the infrastructure and individual applications.
One of the most notable large attacks in 2016 was the attack on popular journalist Brian Krebs’ website, which marked the beginning of the colossal IoT threat. The attack reached over 620Gbps, and the DDoS defense provider was ultimately forced to part ways with its client because of the massive cost. This new Mirai malware turned IoT devices such as video cameras and DVRs into zombie slaves that fueled the botnet traffic of very large DDoS attacks. Not only were some attacks in 2016 massive in size, but many others leveraged short multivector attacks used to cause a diversion against another real threat (typically ransomware but potentially a diversion from network exploitation or data exfiltration). Because of the effectiveness of DDoS attacks, vendors saw an increased interest in DDoS solutions.
Register to Download Free White Paper