Organizations today are heavily reliant on the internet to function and if anything is done to disrupt this availability, it can have catastrophic repercussions on the way those organizations operate. Distributed Denial of Service (DDoS attacks), in particular, can inflict the gravest consequences to a business and cause damage to a brand’s reputation, customer trust and revenue. What is even more staggering is that the frequency of DDoS attacks has once again risen in the past year. Indeed, according to a recent report from Corero Network Security, organizations faced an average of eight attacks per day in Q2 2018, an increase of 40 percent compared to the same quarter in 2017. However, while frequency has increased, the duration of attacks decreased with 77 percent lasting ten minutes or less, of which 63 percent last five minutes or less.
So, how does the surge in the frequency of DDoS attacks shape today’s threat landscape and what should organizations do to protect themselves from even the smallest of attacks?
A growing number of smaller, low-volume DDoS attacks
The increase in DDoS-for-hire services and unsecure internet of things (IoT) devices has turned DDoS attacks into an everyday occurrence for organisations around the globe. However, for all the hype around the large, volumetric attacks, they still represent a tiny fraction of all the DDoS attacks which take place on a daily basis.
Corero researchers confirm they are seeing a larger number of short-duration, low-volume attacks crippling organization’s networks and wreaking havoc. These smaller, shorter, attacks typically evade detection by most legacy and homegrown DDoS mitigation tools, which are generally equipped with detection methods that are blind to this level of activity. This allows hackers to perfect their attack techniques while remaining under the radar, leaving security teams blindsided by future attacks.
Most organisations know that even a few minutes of downtime can prove costly for the company’s bottom line, customer confidence, and will result in overall reputation damage. Network and web service availability are crucial to ensuring customer satisfaction and sustaining customer trust and confidence in a brand. These indicators are vital to both the retention and acquisition of customers in highly competitive markets. When an end user is denied access to Internet-facing applications, or network outages degrade their experience, it immediately impacts brand reputation.
Industry's best practices
The combination of the size, frequency and duration of modern attacks represent a serious security and availability challenge for victims. One of the biggest issues associated with short, low-volume, attacks is the fact that they are often overlooked, which can prove a huge and costly mistake. Regardless of the motivations behind DDoS attacks, or the techniques used by hackers, those threats remain one of the biggest challenges for online organizations nowadays. Perhaps, most concerning is that, if organizations don’t have the right protection in place they could be unknowingly suffering service impact and minor outages that they would attribute to other IT issues, due to the lack of visibility. To keep up with the growing sophistication and organization of well-equipped and well-funded threat actors, it is essential that organizations maintain comprehensive visibility and automated mitigation capabilities across their networks, to instantly detect and block any DDoS attacks, regardless of their size, as they arise.