2.5 million reasons why it’s critical to boost DDoS defenses
Distributed denial of service (DDoS) attacks are continuing to grow in size and frequency, and hitting a larger number of organizations than ever before: that’s the message from the latest Worldwide DDoS Attacks & Cyber Insights Research Report from Neustar. 84% of the 1000-plus organizations surveyed for the report said that they had been targeted by a DDoS attack over the past year, and 45% of respondents said they had been hit by more than five attacks over the past year. The total number of DDoS attacks worldwide increased by 15% during the past 12 months, across all sectors.
What’s more, the average size of a DDoS attack has doubled to 50Gbps, with the proportion of large-scale attacks, with traffic volumes greater than 10Gbps per second up by 11% on the previous year to over 45%.
If that isn’t enough, DDoS is also increasingly being used as a smokescreen for other malicious activity by cybercriminals. The report found that 42% of organizations that experienced a DDoS attack were also hit by a malware infection at the same time, and 27% of DDoS attacks in the past year were accompanied by either ransomware or extortion by threatening further DDoS attacks, up from 15% in 2016. It’s no surprise then, that DDoS is proving costly to organizations: the average loss of revenue reported by organizations hit by an attack was $2.5 million.
These figures make sobering reading. What can organizations do to better protect their networks and critical applications business against attacks, to mitigate the risks of service outages and lost revenues. An excellent starting point is to test your systems and services to see how they would hold up during an attack, under realistic DDoS conditions. The key is to choose a testing solution that uses a broad range of realistic attack flows, in particular emulation of DDoS attacks at scale. With such attacks increasing in volume and frequency all the time, it’s essential for you to see how your network can cope when up against the real thing – and then to put measures in place to mitigate their impact. Ixia’s BreakingPoint solution offers specialized DDoS simulation capabilities, enabling testing to be done efficiently and accurately.
You can also reduce your attack surface, minimizing the exposure of your network to malicious activity. The majority of DDoS attacks are launched from IP addresses that are known to be compromised by hackers, and are known to host malware, bots and other malicious code. If an IP address has a reputation for sending out attacks, why would you want it to communicate with your network for any reason? If these IP addresses are prevented from even ‘touching’ the network in the first place, then they cannot be used to launch either DDoS attacks or penetrative cyberattacks.
This also applies to blocking traffic from geographies where you know you don't do business, and are known to be responsible for a large proportion of malicious attacks – such as North Korea. Blocking regions is simple if you know how, drastically reducing the workload on perimeter protection tools and extending the effectiveness of firewalls.
Doing all this is simple with Ixia’s ThreatARMOR solution, a purpose-built threat intelligence gateway. It uses a threat intelligence database of known compromised IP addresses that is continuously updated, so there is very little risk of blocking legitimate traffic. Likewise, threats that are already on corporate networks – such as stealthy bots – can be automatically blocked from communicating out to their external command and control centers, reducing the risk that your computers can be harnessed to launch similar DDoS attacks. Put simply, this approach drastically reduces your exposure to a range of cyberattacks, not just DDoS, in a simple and automated way.
DDoS attacks are a real problem for business, but there are steps you can take to minimize their impact on your services or applications. Find out more about how Ixia’s sophisticated DDoS mitigation test can help you proactively take control of your DDoS prevention strategies.