sb-au logo
Story image

Why DDoS attacks show no signs of slowing down

Distributed Denial of Service (DDoS) attacks caused substantial damage to organisations across APAC and the world in the past year.

According to Neustar’s recent ‘Worldwide DDoS Attacks and Cyber Insights Research Report’, 84 percent organisations surveyed globally were hit by a DDoS attack in the last 12 months, with 86 percent of those organisations were hit multiple times.  

The code used to cause these large outages was published openly, and soon after all sorts of attacks and variants of the original code were causing havoc around the world.

Detection is too slow

DDoS attacks are not only occurring more frequently but are also getting more difficult to detect.

Within APAC, more than half of organisations on average are taking at least three hours to detect an attack and nearly as many took another three hours to respond once an attack was detected.

Alarmingly, slow detection and response can lead to huge damages financially. Around half of all organisations stand to lose an average of $100,000 per hour of peak downtime during an attack. To exacerbate this, 40 percent of organisations hit were notified by their customers of the attacks.

Investment is increasing

The worrying figures above help explain why 90 percent of organisations are increasing their investments in DDoS defences, compared to the previous 12 months - up from 76 percent last year- despite the fact that 99 percent already have some form of protection in place.

The threats faced today, and those anticipated in the future, are clearly forcing organisations to completely reconsider the ways they are currently protecting themselves.

Mitigating against DDOS attacks

Effectively mitigating DDoS attacks has become crucial for organisations that want to avoid damaging financial and reputational loss. In order to combat attacks, organisations need to adequately understand the threat, quantify the risk and then create a mitigation plan that corresponds to their needs.

Whether it’s a large or small scale DDoS attack, to keep up with the growing threat, companies will need newer, adaptable, and scalable defences that include new technology and methodologies.

Developing a mitigation plan

Paying the cost for a DDoS mitigation that exceeds their requirements is like over insuring your car – you are paying a premium for a service that does not match your level of risk/potential loss.

Similarly, implementing a DDoS mitigation that does not cover the risk will likely lead to additional costs, resulting from greater organisational impact and additional emergency response activities.

Once the severity of the risk is understood, there are three key critical elements of producing a good mitigation plan that must be enacted: detection, response and rehearsal.

Detecting an attack

Fortunately, there are several technologies out there that can be used to monitor both the physical and cloud-based environment. An example is how organisations can use Netflow monitoring on border routers to detect a volumetric attack, or provide this data to a third-party for analysis and detection.

They can also look at using appliances to conduct automatic detection and response, again managed internally or by a third-party. In a cloud environment, organisations can choose between a vast array of cloud monitoring tools that allow them to identify degradation and performance, CPU utilisation and latency, giving an indication as accurate as possible of when an attack occurs.

Responding to an attack

The response plan to the attack must be scaled to the organisation’s risk exposure and technology infrastructure. For instance, an organisation operating in the cloud with a moderate risk exposure might decide on a cloud based solution, pay-on-occurrence model.

On the other hand, a financial services company that operates its own infrastructure will be exposed to more substantial financial and reputational risk. Such a company would ideally look for a hybrid solution that would provide the best time to mitigate, low latency and near immediate failover to cloud mitigation for large volumetric attacks.

Rehearsal of your mitigation plan

Regardless of the protection method being deployed, it’s good practice to rehearse it periodically. Periodic testing can not only eliminate gaps or issues in responding to a DDoS attack, but can also prepare the responsible owners to perform their required actions when an actual event occurs.

In summary, DDoS attacks aren’t showing any signs of slowing down anytime soon. The threats associated with DDoS attacks cannot be understated or underestimated. Moreover, by quantifying the risk to the organisation and implementing a right-sized mitigation solution, organisations can effectively and efficiently mitigate the risk of DDoS attacks.

Article by Robin Schmitt, Neustar General Manager for Australia

Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Link image
Data is an organisation's most significant asset - here's how to protect it
Data resilience strategies are becoming more crucial as more value is ascribed to a company's data. If it's not stored securely and cost-effectively, expect problems.More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Fast track your digital transformation with dynamic security services from Fortinet
Jon McGettigan, Fortinet A/NZ Regional Director, explains how enterprises can speed up their network service delivery programmes by embracing Fortinet’s dynamic security services.More
Download image
Equinix study: Firms turn to NFV to support distributed networks
Decision-makers looking for a solution that virtualises a wide range of network functions should evaluate NFV, study finds.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More