Corero
Blog & News

“Everyday” DDoS Attacks Must Be Mitigated

Although massive volumetric DDoS attacks continue to be the ones that make headline news, and with the ‘next biggest’ attack likely to occur at any time, it is the short, frequent, low threshold “everyday” DDoS attacks that are most commonly affecting businesses. With 86% of DDoS attacks lasting less than 10 minutes and a 400% increase in OpenVPN attacks, due to the growth in remote working, it should be no surprise that DDoS is now more of a risk to business continuity than ever.

Small DDoS Attacks Should be Cause for Concern

The prevalence of low-threshold, sub-saturating attacks should warrant just as much concern as saturating volumetric attacks. After all, it is not as if hackers cannot launch large-scale attacks, but rather that they choose to launch smaller attacks because these often go undetected, can be more difficult to mitigate, and can even serve as a smokescreen for more damaging cyberattacks. A small DDoS attack can take down a company’s firewall in a matter of seconds, thus enabling a cybercriminal to infiltrate and map a company’s network, possibly installing malware. Even if an attacker does not saturate the network, the DDoS traffic can create enough “noise” on the network, to distract from their true intent. Sub-saturating attacks are also a growing challenge for Internet service providers and hosting providers, as they steal valuable customer bandwidth; DDoS traffic traversing their network is increasingly costly in terms of their network infrastructure resources and maintenance.

The Bottom Line

The fact is, legacy DDoS mitigation solutions, such as those that rely on flow monitoring and out-of-band scrubbing, can completely miss the small, low-threshold attacks, or be too slow to mitigate short ones. Just because a DDoS attack is small doesn’t mean it isn’t a big problem. It takes attackers only a few minutes to map a network, steal date, install malware, or discover your network vulnerabilities; without dedicated DDoS protection, by the time IT staff notice an attack in progress and divert traffic to be cleaned at an out-of-band cloud, or on-premises, scrubbing center, the damage has likely already been done.

Manual approaches by IT security staff, or the use of cloud DDoS scrubbing services typically take minutes, to tens-of-minutes, before DDoS mitigation commences. In contrast, Corero’s automated DDoS protection solution detects attacks immediately, and can block them in less than a second.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s flexible deployment models, click here.  If you’d like to learn more, please contact us.