According to our recent DDoS Trends Report, Corero customers experienced an average of 124 attacks per month in the first quarter of this year (Q1 2017); that’s an increase of 9 percent compared to Q4 2016. In addition, 79 percent of DDoS attacks that Corero mitigated among its global customer base were less than 1Gbps in volume in Q1 2017. 98 percent of attacks were 10Gbps or less in volume.
In general, the trend that IT experts across the globe are witnessing is that small, sub-saturating attacks are much more common than large, volumetric attacks, yet the volumetric attacks are much larger in scale and impact than ever before. The mega DDoS attacks that hit high-profile targets such as Dyn, OVH and KrebsonSecurity in the fall of 2016 are prime examples. Our research found a 55% increase in large DDoS attacks of more than 10Gbps in the first quarter of 2017, compared to the previous quarter. DDoS experts predict that advanced, volumetric attacks will become more common in the near future.
What’s changed to create these trends? One factor is the increase in devices that actively connect to the Internet of Things (IoT). Such devices are riddled with security vulnerabilities, which makes them easy to recruit into botnets. Another factor is that it is easy and affordable for anyone with a grudge and some money to contract with a DDoS-for-hire hacking service online to carry out an attack. Yet another factor is that the hackers freely share the code for launching attacks; hackers unleashed the Mirai botnet source code in October, shortly after the September 2016 attack on KrebsonSecurity.com; on October 21, Dyn experienced a massive DDoS attack.
Awareness is Growing
Enterprises are becoming more aware of the threat. According to a recent Corero survey, 56 percent of those IT and security professionals surveyed feel that DDoS attacks are a greater concern in 2017 than they have been in the past. Their concern is justified; networks are definitely more vulnerable due to the increase in frequency and potency of DDoS attacks.
So which type of DDoS attack should enterprises worry about? The answer is, both.
Small-scale DDoS attacks can be just as dangerous, if not more dangerous, than a massive volumetric attack because they are often used as a diversion tactic, or a “Trojan Horse.” While IT security teams respond to a DDoS attack, hackers may be installing ransomware or stealing secure data from a part of the network. Volumetric attacks, though less common are obviously dangerous, especially for high-profile websites that depend on Internet connectivity to generate revenue or provide a service to other high-profile clients.
Improving DDoS Defenses in 2017
The rise in both small-scale and volumetric attacks has not gone unnoticed by the teams at Corero. We have been busy improving our products, expanding services and forging new partnerships and deals that will help to protect organizations from DDoS attacks. Here’s just a few of the ways we are working tirelessly in 2017:
- Released the SmartWall® Network Threat Defense 1100 that enables real-time DDoS detection and mitigation for full 100 Gigabit Ethernet connections in a 1 RU form-factor appliance (up to 4Tbps in a single rack).
- Launched the SmartProtect Program and SmartWall Service Portal that allow Service and hosting providers to expand their security offerings to include DDoS Protection as-a-Service (DDPaaS) and real-time traffic dashboards to monitor for DDoS attacks.
- Partnered with leading network back-bone hardware manufacturers to integrate DDoS protection into devices like routers and switches.
- Working with government agencies to ensure their services go uninterrupted by installing the SmartWall real-time DDoS protection appliance.
- Expanding our Research & Development Office in Edinburgh, UK to double the number of engineers working to create the leading network protection solutions.
For more information, contact us.