In recognition of Cybersecurity Awareness Month, Corero Network Security recently released some new threat intelligence data gathered from DDoS attacks against our customers in the first half of 2021.
Organizations around the world are increasingly dependent on the Internet to conduct business. As our Internet-connected world grows more complex, Distributed Denial of Service (DDoS) threats have become more sophisticated, more frequent, and in some instances like the recent 2.4Tbps attack Microsoft said they mitigated, much larger. When the Internet goes down, organizations that rely on the Internet go down with it. While most people only think about DDoS attacks when they hit the headlines, these attacks are considered one of the most serious threats to Internet availability today. Downtime, or increased latency, can significantly impact a company’s brand reputation, customer trust, and revenue. Understanding the nature of DDoS threats, especially the latest trends, helps your organization make educated decisions when it comes to strengthening your network security posture. .
This data summarizes different aspects of DDoS attacks on Corero customers and provides valuable insights for CISOs as well as members of their Security Operations team.
Short Duration Attacks Require Automated DDoS Protection
The percentage of attacks lasting less than 10 minutes remains high at 85%. Cybercriminals continue to use shorter-duration attacks to dodge detection from legacy DDoS solutions. If a disruption in the network goes on for just a few minutes it is likely that it will fly under the radar, making these short duration attacks especially dangerous. By the time a staff member has been alerted, the damage has been done.
The Risk of Repeat Attacks Continues
Cybercriminals tend to perform repeat DDoS attacks on the same organizations over a certain period. In fact, Corero’s data shows that there is a 29% chance of being targeted by a second attack within just one week. Ensure your cybersecurity analysts pay close attention to the source of any DDoS attack. The same nefarious actor might try a similar attempt within a matter of days.
DDoS Attack Duration and Size Remains Relatively Unchanged
Our new data also illustrates that the duration of DDoS attacks remains largely unchanged. Over the past three years, the duration of two-thirds of all attacks was less than 5 minutes. All told, of DDoS attacks last less than 10 minutes. As mentioned earlier, these short-duration attacks often go undetected by legacy DDoS solutions.
The typical size of DDoS attacks also remained steady since 2018. In fact, around 80% of all attacks peaked at less than one gigabit per second of traffic. Additionally, 60% of the attacks used a packet size anywhere from 128 to 2048 bytes, with 40% focused on high packet rates, with packet sizes less than 128 bytes.
Cybersecurity Awareness Month Requires a Fresh Approach to DDoS Protection
Since October is Cybersecurity Awareness Month, now is a good time for your company to take stock of its entire Security Operations approach. Vigilant protection against all types of cybercrime remains an essential part of any organization’s IT operations. While ransomware and data breaches are in the news on a weekly basis, our new data highlights the fact that DDoS attacks also cause significant problems to many businesses, and without proper protection, your organization is at risk.
There are a variety of protection options available, on-premises, in the cloud, or a combination of the two commonly referred to as hybrid DDoS protection. However, be sure to assess your risk tolerance and that of your customers. If any amount of downtime cannot be tolerated, analysts recommend investing in an always-on solution.
For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s flexible deployment models, click here. If you’d like to learn more, please contact us.