For a multitude of industries—be it finance, healthcare, or e-commerce—DDoS attacks continue to threaten data privacy and business operations. Attacks are growing more sophisticated to bypass existing firewalls, costing billions each year in revenue. A Distributed Denial of Service (DDoS) attack is one of the most popular cyber-weapons. Such attacks threaten vital business operations and data security. The Internet of Things (IoT) is the weapon of choice for DDoS attackers. DDoS attacks are often perpetrated by an army of virus-infected, remotely controlled computers, or botnets.
It’s a type of attack where hundreds or even tens of thousands of bots are hijacked to strike against a single system, network or application. If an organization becomes compromised by a DDoS attack, whatever service it provides becomes unavailable to its employees and customers. Since there are so many inbound server requests coming from so many distributed computers, it’s difficult to distinguish these attacks from legitimate traffic.
There are two main types of DoS attacks: attacks designed to exhaust application or server resources and attacks that simply flood services. There are three main types of weapons used in a DDoS attack. Attacks can also combine all three together.
In the last few years, DDoS attacks have increased in volume, velocity, duration, and complexity. Attack mechanisms are growing more sophisticated to bypass existing defense systems, costing significant revenue in IT resources and damaged brand recognition.
DDoS attacks are increasing in frequency and scale, leaving some of the world’s largest data centers and network operators dealing with a costly aftermath.
Bottom line: all organizations should be concerned about service outages caused by DDoS attacks and take measures to ensure their DDoS protection scales to the largest multi-vector attacks.
“We’re tracking the rapid expansion of IoT botnets, and the continued use of UDP reflection attacks. DDoS is a problem that keeps growing in size and strength, and the number of attacks on businesses is nearly double that of a year ago. Denial of Service attacks aren’t limited to certain company types anymore – and we predict 2018 will be the year every company realizes they could be a target.” - Tom Byrnes, CEO and Founder of ThreatSTOP
The goal of a DDoS attack is to cause costly downtime and block legitimate users from accessing services.
The first line of defense in an effective DDoS protection plan includes existing firewalls, intrusion prevention systems (IPS), and load balancers. Additionally, dedicated DDoS protection devices can provide specialized mitigation against large-scale and advanced DDoS attacks. It’s important that these DDoS protection devices provide enough headroom in terms of bandwidth, throughput, and connectivity to deal with DDoS attacks while maintaining service availability.
Since dedicated DDoS protection devices integrate with many different solutions from a variety of vendors, it’s important that these solutions can adapt to changing needs and integrate easily via common APIs.
DDoS mitigation typically involves coordinated activities that proactively detect and protect the intended target and networks from a DDoS attack. This is done by passing network traffic addressed to the target through high-capacity network resources that scrub the data for any malicious characteristics. As a rule, DDoS mitigation should occur in the background and continue to allow legitimate traffic to access your services at network speed. The key to effective DDoS mitigation lies in separating incoming traffic into known human traffic and bot-generated traffic. This is done by utilizing threat intelligence to compare incoming signatures and examine traffic attributes. Best practices for DDoS mitigation include employing anti-DDoS technology and having an emergency response plan. Multi-level DDoS protection, performance scalability, and broad deployment flexibility are key parts of that plan and help protect your critical applications and networks. The A10 Thunder Threat Protection System (TPS) product provides effective DDoS mitigation. It will protect against the growing threat of DDoS attacks and provide an environment that is highly available and secure.
The National Institute of Standards and Technology (NIST) is developing an advanced DDoS mitigation framework based on its cybersecurity framework to protect critical infrastructure. The framework was developed under Presidential Executive Order 13636 to secure critical infrastructure vital to national and economic security, including energy, banking, communications and defense. Any organization can apply risk management and best practices for improving the security and resilience of its critical infrastructure.
Learn more in this NIST Cybersecurity Framework executive summary. The National Cybersecurity Center of Excellence (NCCoE), part of NIST, has initiated a project for mitigating the risk of IoT-based DDoS attacks.