Denial-of-Service (DoS) attacks have been used by cybercriminals for more than 20 years to cripple organizations, extort money, and conceal malicious activities. In the early 2000s, Distributed Denial-of-Service (DDoS) attacks mainly targeted Internet Service Providers (ISPs), financial institutions, and e-commerce companies. Dark Reading reports that today, companies of all sizes and in all industries are threatened. Small and midsize businesses are often easier targets because of a general lack of awareness of and protection against DDoS.
How DDoS Attacks Work
Essentially, DDoS attacks aim to prevent legitimate users from accessing the organization’s IT resources, products, or services. Using botnets (networks of malware), attackers gain control of various endpoints such as computers, servers, Internet of Things (IoT) devices, and mobile devices. They then flood the victim’s bandwidth, network infrastructure, or other resources with multiple requests for data, making online resources slow to respond or completely unavailable to legitimate requests.
A Growing Threat
According to an article recently released by SecurityIntelligence, the size of DDoS attacks on companies is four times larger than it was in 2015. As the size and availability of modern botnets increase, the frequency and impact of DDoS attacks also grow. Within the last couple of years, these attacks grew from 50 gigabytes per second to more than 1,000 gigabytes per second.
Current Trends in DDoS Attacks
Recently, advanced techniques such as Advanced Persistent Denial-of-Service (APDoS) attacks have emerged. APDoS attacks can take various forms but generally consist of network floods and Hypertext Transfer Protocol (HTTP) floods, followed by repeated Structured Query Language (SQL) injections and execution of multiple malicious scripts at varying intervals. Attackers will also tactically switch between targets to create a diversion while still focusing on the main target. Other emerging techniques include Secure Sockets Layer (SSL)-based DDoS and Domain Name System (DNS) flood attacks (also called DNS Water Torture attacks), which target the organization’s Domain Name Servers.
What You Can Do
• Have a DDoS Mitigation Plan: Draft an emergency response plan to mitigate the impact on your organization in case you become a DDoS attack victim. This should include a disaster recovery plan and tested procedures.
• Prevent and protect: It is not all bad news. As attackers become more sophisticated, so do CyberSecurity solutions. Affordable solutions include using a third-party DDoS protection service to monitor and analyze your network traffic, distinguish legitimate traffic from excessive malicious traffic, and divert malicious traffic. Visit WhiteHawk Advisory Services to speak with our CyberSecurity advisors to determine what solutions best fit your technological environment and budget.