Lizard Squad said it best in the recent Sony PlayStation DDoS attacks, rocking the online gaming industry, and leaving players denied from logging into the gaming community.
Fact: DDoS attack tools are easy to come by, and cheap to execute, and the motivations for targeting victims are endless.
Myth: “I’m not susceptible to DDoS attacks, because I’m not a Banking or Retail giant.”
The reality of today’s cyber threat landscape is in-fact quite ruthless. Anyone with a couple of bucks, access to the Internet, and some kind of stimulus or shall we say ‘enthusiasm’ for carrying an attack will do just that. If you operate your business via the World Wide Web, there is no doubt that DDoS will become a thorn in your side eventually, if it isn’t already. DDoS does not discriminate based on Industry or vertical, and the headlines are proving this on a daily basis.
A key trend to be aware of as we close out 2014 and look forward into the New Year, is the concept of partial saturation DDoS attacks. While we are all very familiar with the traditional definition of DDoS, there is far more to be weary of than just the denial of service itself. We are all very well aware that DDoS attacks result in loss of profits, damaged reputation, reduced productivity and costly downtime. With the more sophisticated and adaptive attacks we are seeing an increase in DDoS as a smokescreen to distract and consume IT resources, disguising a hybrid attack to perpetrate data theft. While bandwidth consumption continues to play a key factor, these under the radar attacks are proving to be far more damaging than the disruption of service.
Organizations that can answer yes to either of the following questions must reconsider their DDoS defense plan in place before falling victim to another denial of service, or data breach scenario.
- My business relies on the Internet to conduct business
- My business (or with the support of third party resources) maintains sensitive customer information
It’s time to break up with DDoS for good in 2015 with First Line of Defense real-time detection and mitigation.