The frequency of Distributed Denial of Service (DDoS) attacks in 2018 has surged in comparison to the previous year, making DDoS attacks a continuing major challenge for IT leaders and their teams. Growing in frequency, intensity and sophistication, the attacks delivery methods remain unchanged. Infected internet bots and vulnerable servers continue to create attacks of crushing scale against unprepared targets. With this in mind, Verisign, released its Q1 2018 DDoS Trends Report, which provides a unique view into the attack trends unfolding online. The report highlighted three main takeaways:
DDoS Attacks Size and Number are Increasing
The report observed that 74 percent of DDoS attacks were over 11 Gbps. When comparing Q1 2018 to Q4 2017, there was a 53 percent increase in the number of attacks and a 47 percent increase in the average of attack peak sizes. That said, year-over-year the average of attack peak sizes decreased 21 percent.
Multi-Vector DDoS Attacks Remain Constant
58 percent of DDoS attacks mitigated by Verisign in Q1 2018 employed multiple attack types. The report observed attacks targeting networks at multiple layers and attack types that changed over the course of a DDoS event.
Types of DDoS Attacks
User Datagram Protocol (UDP) – an alternative communications protocol to Transmission Control Protocol (TCP), used primarily for establishing low-latency and loss-tolerating connections between applications on the internet – was the number one attack vector in early 2018, accounting for 50 percent of total attacks in the quarter. The most common UDP floods included Domain Name System (DNS), Network Time Protocol (NTP), Lightweight Directory Access Protocol (LDAP), Simple Network Management Protocol (SNMP) and Memcached reflective amplification attacks.
Utilising the right DDoS mitigation strategy for enterprise
DDoS attacks clearly remain an extremely viable and unpredictable threat, so how do organisations determine the best mitigation strategy for protecting online assets? In my mind, DDoS prevention solutions need to demonstrate precision, automation and scalability.
Precision is essential in order for the solution to identify workloads initiated by hackers with no false positives or false negatives and to ensure that services and infrastructure remain available. A false positive could mistakenly block a legitimate user, while a false negative would occur if the system missed an attack.
Automation delivers the ability to auto-detect, mitigate and profile incoming traffic with minimal manual intervention. An intelligent solution ensures operations are simplified, responses are quick and DDoS defences are focused on the more sophisticated attacks.
Scalability is needed in order for the solution to mitigate and defend against attacks of all sizes. Threat intelligence can capture infected IP addresses and dynamically blacklist them.
The key benefits of DDoS protection
Every industry sector is now reliant on web connectivity and online services. No organisation can afford to have its systems offline or inaccessible for more than a few minutes: business partners and consumers expect seamless, 24/7 access to services, and being forced offline costs a company dearly. A Ponemon Institute study found that each DDoS incident costs $1,000,000 on average, including factors such as lost sales and productivity, the effect on customers and suppliers, the cost of restoring IT systems, and brand damage. Clearly in today’s highly competitive world, these factors are not acceptable. Businesses need to put strong defensive measures in place and I’ve outlined the key benefits in adopting DDoS protection below.
Brand Protection: Your brand name stands for everything your business is built on, therefore if a DDoS attack occurs and you are not prepared, your brand could take a big hit in the eyes of customers.
Increased Capacity: DDoS protection decreases or entirely eliminates costly downtime by distributing the attack across massive networks with high bandwidth, so you can carry on business as usual.
Better Understand DDoS Attacks: The origins and sources of DDoS attacks often remain unknown. With DDoS Protection you can learn more about every attack and better prepare your business for the future.
Unfortunately, with DDoS-for-hire services and increasingly sophisticated methods, DDoS attacks will continue to evolve and grow. Simply stated, because they are relatively easy and cheap to do – they continue to be effective in targeting businesses. To enable businesses to counter this constant threat, here at A10 we’ve focused developing DDoS protection that combines scalability, automation and precision to identify and mitigate multi-vector attacks. We’re also conscious of the economical balance that organisations need to strike when deploying network defence – ROI is important, but not at the expense of greater risk – so our solutions are designed to deliver maximum cost-effective protection.
Keeping up with the constantly shifting DDoS attack landscape is not easy, but by understanding how attacks are evolving and implementing the protective measures described above, organisations will be better placed to deny DDoS attackers.