DDoS attacks have increased by 16% since the beginning of 2018, reaching record-high throughput volumes (1.35 Tbps) and featuring adaptive mechanisms and new attack vector techniques.
Akamai, the content delivery network (CDN) and cloud security services provider, has recently published its Summer 2018 State of the Internet / Security: Web Attack report. These reports are published twice a year after breaking down all the security attacks performed against Akamai's own infrastructure (over 7000 in the last 6 months). Their main goal is to inform users about the latest changes in security attacks to help improve protection.
One of the main highlights from the report is that DDoS attacks are not just about volume. Many would think of DDoS as only one type of attack vector – volumetric. Volumetric attacks tend to be the ones that get the most attention and appear in press headlines most often. Funnily enough, they are also the ones that are easier to identify and mitigate nowadays. As long as traffic is redirected to your on-prem or cloud scrubbing service once an attack is detected, protection takes effect in a matter of minutes.
Attackers are getting more sophisticated, though. Picture a 45-minute-long, high-capacity SYN flood attack against a particular IP. Once the attack has been detected and mitigation has started, the attacker may change the vector and substantially reduce the volume of traffic. Many security platforms are likely to allow this malicious traffic, since it may look as though it is just within the normal TCP threshold.
So, on one side you need to be able to get protection for large attacks. Inline mitigation devices will be ineffective for volumetric attacks larger than your link's total bandwidth. And if your organization has multiple internet links or you work for an ISP, this is simply impractical. An always-on traffic redirection to a cloud-based DDoS protection service will overcome that limitation but will likely come at a high price point. On the other side, adaptive and evolving DDoS attacks may trick some of the above defences.
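The SYN flood scenario above, as an added example that is not from the original post or the Akamai report: a fixed SYN-rate threshold stops alerting once the attacker lowers the volume, while a check against the destination's own learned ratio of incomplete handshakes keeps flagging it. The traffic counters, the threshold values and the ratio heuristic are assumptions constructed for illustration.

```python
"""Added example: fixed SYN-rate threshold vs. a baseline-relative check."""
from statistics import median

# Constructed per-minute counters for one destination IP (not real traffic):
# (minute, SYNs received, handshakes completed)
SAMPLES = (
    [(m, 900 + (m % 5) * 20, 860 + (m % 5) * 20) for m in range(0, 30)]  # normal
    + [(m, 250_000, 900) for m in range(30, 75)]   # 45-minute high-volume flood
    + [(m, 4_000, 880) for m in range(75, 90)]     # reduced-volume follow-on phase
)

STATIC_SYN_THRESHOLD = 10_000  # assumed fixed limit, SYNs per minute
BASELINE_MINUTES = 30          # assumed learning window of known-good traffic
RATIO_FACTOR = 3.0             # assumed: alert at 3x the baseline incomplete ratio
RATIO_FLOOR = 0.10             # assumed floor so a tiny baseline does not over-alert


def static_alerts(samples):
    """Minutes flagged by a fixed SYN-rate threshold."""
    return [m for m, syn, _ in samples if syn > STATIC_SYN_THRESHOLD]


def incomplete_ratio(syn, completed):
    """Share of SYNs that never became an established connection."""
    return (syn - completed) / syn if syn else 0.0


def baseline_alerts(samples):
    """Minutes whose incomplete-handshake ratio exceeds the learned baseline."""
    learn = samples[:BASELINE_MINUTES]
    base = median(incomplete_ratio(s, c) for _, s, c in learn)
    limit = max(base * RATIO_FACTOR, RATIO_FLOOR)
    return [m for m, s, c in samples[BASELINE_MINUTES:]
            if incomplete_ratio(s, c) > limit]


def missed_by_static(samples):
    """Minutes the baseline check flags but the fixed threshold lets through."""
    return sorted(set(baseline_alerts(samples)) - set(static_alerts(samples)))


if __name__ == "__main__":
    fixed, adaptive = static_alerts(SAMPLES), baseline_alerts(SAMPLES)
    missed = missed_by_static(SAMPLES)
    print(f"static threshold flagged minutes {fixed[0]}-{fixed[-1]}")
    print(f"baseline check flagged minutes {adaptive[0]}-{adaptive[-1]}")
    print(f"missed by the static threshold: {missed[0]}-{missed[-1]}")
```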
What can organizations do to protect themselves moving forward? Mirror the attackers: evolve and adapt.
DDoS attacks are here to stay and they will only get more complex as more vectors to exploit vulnerabilities are created. Organizations need to be as creative as those attacking them. What does your DDoS response plan look like? I would love to learn from your experience so please comment below.
P.S. If you want to know more, this webinar will give you some tips on adaptive DDoS attacks.
View all posts from Jesus Mingarro on the Progress blog.