Rises in both the volume and severity of distributed denial-of-service (DDoS) attacks should come as no surprise to most enterprises and organizations, but new research from Kaspersky and B2B International clarifies just how much the problem has grown in the last year alone.
For example, the final three months of 2016 saw DDoS attacks in 80 countries, a significant increase on the 67 countries which fell victim to DDoS attacks in the previous quarter. The fourth quarter of 2016 also produced the year’s longest-lasting DDoS attack, with service disrupted for 292 hours (or 12.2 days), far surpassing Q3 2016’s peak of 184 hours. Consider that: a nearly two-week-long service disruption stemming from a DDoS attack. With a two-hour outage unacceptable by today’s standards, a two-week outage seems untenable.
The increasing DDoS threat is also amplified by news that the method of deployment began to diversify during Q4 2016. Reports suggest the final months of 2016 saw the first large-scale DDoS attacks committed with Mirai IoT botnet technology, wherein cyber criminals hijack Mirai-infected devices for worldwide service disruption attacks. Victims include Twitter, TalkTalk, and Deutsche Telekom, which claimed over 900,000 customers experienced internet outages as a result of the malware.
These are all disturbing findings, and the trends clearly indicate that DDoS attacks will continue to worsen going forward. Research from Deloitte estimates over 10 million DDoS attacks will occur during 2017, which works out at over 27,000 attacks daily. This is expected to include monthly attacks reaching over 1 Terabyte-per-second (1Tbps) in size; enough to compromise hundreds of thousands of endpoints at a time.
Despite the mounting DDoS threat, most enterprises lack a comprehensive approach to the problem, and in many circumstances they remain unaware of the source of the attacks.
Just over one-third (36 per cent) of enterprise respondents in Kaspersky’s survey said they suspected their business rivals of launching DDoS attacks at them; this figure was even higher (48 per cent) among the SMBs surveyed. Even more of the enterprises polled pointed their fingers at foreign governments and former employees as the culprits behind these devastating DDoS attacks.
DDoS is a symptom. The root problem is the public internet
Most of these enterprises are missing the point. While it’s important to know who is behind these attacks, what really matters is how to eliminate them. This means tracking attacks to their root cause – where the blame really belongs – and implementing preventative measures that combat the heart of the problem. This problem lies within the public internet.
As an open network, the internet permits the flow of information between any connected sources. This openness is an inherent vulnerability: the network cannot effectively isolate the actions of cyber criminals, individuals, and businesses from one another. This means that as long as enterprises are conducting their critical business on the internet, they will always be the targets and potential victims of DDoS attacks. And keep in mind that the attack doesn’t even have to come from a particular company, government or individual. In fact, it doesn’t have to be aimed at you at all. On the public internet, since we’re all using the same pipeline, any DDoS attack travelling along that same pipeline is going to inflict service disruptions no matter who the original target is. In short, anyone and everyone can be collateral damage to somebody else’s DDoS episode.
The first step to bypassing the dangers of DDoS is recognising that no solution can secure the inherent vulnerabilities of the public internet. Once this idea is accepted, the only logical means of removing the DDoS threat is to avoid the public internet altogether. Forward-thinking enterprises should therefore choose to conduct their critical business through private interconnection platforms, which offer direct connections between enterprise partners without compromising on flexibility and convenience. Here, enterprises can undertake private network-to-network communication and data transmission on a global scale, while entirely bypassing the DDoS-exploited public arena.
Enterprises now have a viable alternative to the vulnerable public internet. By taking critical steps towards direct connection, enterprises can work to ensure their operations are protected from the DDoS threat in 2017 and beyond.
By Blake Gillman, Director, Console Connect