Distributed Denial of Service (DDoS) attacks pose a far greater threat than most people realize. Attacks are not simply more numerous: They have grown far more dangerous, as sophisticated, surgical application-layer attacks have supplanted brute-force network floods as the cyber criminal’s weapon of choice. These attacks are more difficult to detect and mitigate.
Every commercial enterprise and public sector organization that relies on the Internet is at risk - no organization is immune from attack. Both network- and application-layer DDoS attacks can bring online transactions to a halt: Access to information and services is blocked, business is disrupted, and the corporate brand is damaged. On the Internet, time is money. DDoS attacks can typically last for hours, costing high-transaction websites many thousands, even millions of dollars in direct lost revenue and much higher potential loss because of customer shift to other sites.
The newer low-and-slow DDoS attacks on the application layer are the devil you don’t know. We still see published recommendations that mitigating DDoS attacks is mostly a matter of providing sufficient bandwidth to absorb the enormous volume of traffic that network floods produce. That notion is simply out of date.
Network-layer flood attacks gobble up bandwidth, causing clear traffic spikes, while application-layer attacks often appear as normal traffic. Flood attacks typically employ armies of thousands of hijacked PCs - botnets - to overwhelm targeted servers. They require enormous resources and are not at all subtle. Many organizations react by subscribing to services from their ISPs and cloud-based providers to blunt these in-your-face assaults. It is costly and, of late, not enough.
The threat of DDoS attacks is growing, with no signs of abating. In order to keep their sites and services up and running, organizations should be proactive and implement DDoS response plans and mitigation technology capable of countering today’s sophisticated application-layer attacks.
This Article has been written by:Ashley Stephenson, Executive Vice President at Corero
Network Security_____________________________________
Network Security Solutions -
DDoS Protection
