“Everyday” DDoS Attacks Must Be Mitigated
At last week’s CLOUDSEC 2017 conference, Corero CEO Ashley Stephenson spoke to attendees about the importance of mitigating the “everyday” small-scale distributed denial of service (DDoS) attacks that are pervasive and harmful to global businesses. Although massive volumetric attacks continue to make headline news, and such attacks are likely to get even more massive in scale, it is the short, frequent, low-threshold DDoS attacks that commonly affect businesses.
In our recent 2017 DDoS trends report, Corero found that fully 80% of DDoS attacks among our customers are less than 1Gbps in size, and 71% of attacks last less than 10 minutes. Simultaneously, we found that slightly larger (not massive, however) attacks in the realm of 10Gbps comprised only 1.7% of all attacks.
Small Scale DDoS Attacks Are Cause For Concern
The prevalence of low-threshold, sub-saturating attacks should warrant just as much concern as volumetric attacks. After all, it is not as if hackers cannot launch large-scale attacks, but rather that they choose to launch smaller attacks because smaller attacks often go undetected, and often serve as a smokescreen for more damaging cyberattacks. A small DDoS attack can take down a company’s firewall in a matter of seconds, thus enabling the hacker to infiltrate and map a company’s network, possibly installing malware. Even if the hacker does not infiltrate the network, the DDoS traffic creates “noise” on the network, thus degrading service and performance. For Internet service providers and hosting providers this is a major concern, because the sub-saturating attacks steal bandwidth; any DDoS traffic traversing their network is costly in terms of their network infrastructure resources and maintenance.
The Bottom Line
Small attacks are usually unnoticed—and therefore, not blocked—by cloud-based DDoS scrubbing solutions. If the IT security staff does notice a small attack, it takes several minutes to swing the traffic out to a scrubbing service. In contrast, Corero’s automated DDoS protection solution detects such low-threshold attacks immediately, and blocks them in less than 1 second.
Click here to view Stephenson’s slide presentation from CLOUDSEC 2017.
Corero has been a leader in DDoS protection for several years. Contact us to learn more about how we can protect your business.