Distributed denial of service (DDoS) attacks happen for a variety of reasons, competitive advantage, hacktivism and even financial gain. In the past, attacks were predominantly large, lasting tens of minutes and using high volumes of traffic to block legitimate users from accessing a web server or an application. With the rapid increase in the sophistication of the cybercriminal community, many attacks are now much shorter in duration, but equally, if not more dangerous. As consistently reported, the vast majority (98%) of mitigated DDoS attacks are less than 10Gbps in volume. The continuing trend is also for short duration attacks, with 63% in 2020 lasting less than 5 minutes, and 23% less than 10 minutes.
These smaller attacks should be of particular concern for Internet Service Providers and Hosting Providers. They can be difficult to detect and even though they don’t steal as much bandwidth individually; the impact due to the increased frequency of DDoS traffic on their network can still be costly. Plus, their reputations are at stake here – as we’ve previously reported, many organizations are under the impression that their providers are already protecting them from such attacks.
The latest techniques used are not only more difficult to detect, using manual or legacy approaches, but they are also near impossible for these older solutions to mitigate without resorting to blocking all incoming traffic to the target, preventing any legitimate traffic from getting through and effectively completing the attack. Small attacks can impact infrastructure and security devices, potentially leaving a network wide-open to malware or stealing of sensitive data. This has the potential to be much more damaging than taking a website or service offline.
Proactive, always-on, DDoS protection should be a critical element of any cyber security defenses and is key to ensuring business continuity. As organizations develop their resiliency plans DDoS protection time-to-mitigation exposure must be a critical evaluation factor. On-premises detection and mitigation, as a part of a cloud hybrid DDoS protection solution, can close that gap completely, so that no negative impact is experienced.
Look out for our detailed 2020 DDoS Threat Intelligence report launching next week to gain further insights and observations from attacks against Corero customers in 2020, as well as recommendations to better defend your organization against such attacks.