Latest figures from Kaspersky Lab’s DDoS Q1 2019 report show that there has been a significant rise in DDoS attacks. They compared Q1 of 2019 to Q4 2018 and found a staggering 84% increase, and this was particularly high in the number of attacks that lasted more than an hour.
Kaspersky has concluded that these statistics back up their theory that hackers are evolving their techniques and launching longer attacks which have even worse consequences.
As hackers exploit new techniques to break into systems, DDoS has become one of the key attack methods used, and so whilst cybercriminals have access to an ever-growing range of tools to target and interrupt business operations, this ever-growing threat remains.
What is a DDoS Attack?
A distributed denial-of-service (DDoS) attack has fast become one of the most powerful threats to the internet. It is used as an attempt to make online services unavailable by flooding the intended target with high volumes of traffic from various sources. Put simply, hackers will try and push more traffic to an organisations server than it can handle, causing their business to become offline and often stopping business critical systems from working.
DDoS attacks range from small to large-scale and can cause real interruption to business operations, often resulting in lost revenue, data, and reputational damage.
Some warning signs could indicate a DDoS attack has taken place:
– An abnormal spike in traffic
– Large amounts of spam emails
– Internet disconnection
– Inability to access a particular website
‘Always On’ and DDoS Mitigation
As the volume, frequency and sophistication of DDoS attacks increases, the need for better network visibility and protection has grown. This has led to ‘always on’ detection and mitigation being a vital form of protection to ensure uninterrupted internet access in the event of an attack. Other alternative defences, such as DDoS blackhole routing and diverting traffic to services in the cloud are not fast enough to cope with the pace of attacks and require the ISP to intervene (sometimes manually] and re-route traffic.
Protection models using an ‘always on’ model, work by detecting attacks on the edge of the IPS’s network, removing the malicious traffic and allowing full internet access and normal business operations to return. The biggest benefit of ‘always on’ is that protection happens all the time, whereas other models are for limited durations, and happen only when an attack has been detected.
At HighNet, we have detected and mitigated scores of DDoS attacks, so we know the pace at which these can happen and the effects they can have on businesses of all sizes. We can also see the trend for larger-scale attacks happening, reinforcing the Kaspersky Lab research.
Companies should remember that DDoS is often used as a distraction attack, and so whilst IT teams put their efforts into defending that assault, attackers could be swiftly pushing their attention to another business-critical system. Our biggest piece of advice to our customers is to ensure that ‘always on’ protection is something that their internet service provider offers, otherwise it will leave them more vulnerable to an impending attack.
If you’d like to find out more our team of experts are always on hand.