majority | DDoSInfo – Information about DDoS and Denial of Service Attacks

While Distributed Denial of Service (DDoS) attacks have been around for over 20 years, they have only become well-known to the majority of enterprises over the past ten years or so. Ten years ago, many enterprise IT teams only had a vague idea of what a DDoS attack was because they noticed the common symptoms “our website is down,” “the firewall crashed,” “nothing works” etc. The average IT team in 2006 would not have been aware of the techniques DDoS attacks typically used like spoofed addresses or POST floods. In order to provide a true understanding of what DDoS attacks were and how enterprises could defend against them, some basic education had to happen. In 2006 that meant putting it in terms that everyone understood, “what would happen to our meeting if we tried fitting 100 people in this room?” Eventually as education continued and attacks grew in notoriety, the basics of DDoS became common knowledge in the industry. But DDoS in its nature is an evolving threat and as application-layer attacks became predominant more education was needed. Application-layer attacks are not about blocking access to the door of the meeting room anymore, now we had to explain the stealthy nature of low-volume, targeted attacks. “So you’ve let two of us in this meeting room because we appear to be legitimate salespeople, but now we’re going to unplug the projector so you can’t run your meeting properly.” Now ten years later, the majority of enterprise IT teams have a solid understanding of the threat DDoS poses and the basics of defense but even today we still come across people who believe they can protect themselves against DDoS attacks by simply increasing their bandwidth or relying on their firewalls or unified threat management appliances. With the volume of attacks today that is definitely not enough to ensure service and network availability in the face of sustained DDoS attacks. The majority of DDoS education today has shifted from learning about the attack methods themselves to the correct defense techniques and processes. Even with the significant improvements in DDoS education and awareness, a lot of people still have unrealistic expectations that once they install a DDoS mitigation solution their job is done. There is no silver bullet against DDoS attacks. There is no magic box, there is no “set it and forget it” solution. You still have to educate the user. Part of this comes from the misconception that DDoS attacks are launched by untalented kids. While that is true in some cases, many enterprise IT teams are surprised to find themselves often fighting against talented opponents who are often smarter than them, have more time than them and whose effort to start attacks is minuscule compared to their effort in blocking them. Often times, when faced with these advanced adversaries, IT teams are quickly overwhelmed. Even though they have some mitigation tools in place, they may not have the right tools. They may not know who to call or recognize the type of attack targeting their systems. In short, they don’t have a technology problem, they have a people and process problem. Think of DDoS defense like a NASCAR race, you have a super-powerful car (your DDoS mitigation solution or service), but if you don’t know how to drive over 70 mph, you’re going to crash and hurt yourself very quickly. And let’s not even mention what happens if you decided to install that cheap transmission because it was half-off. Enterprise IT teams need to focus on building the best car they can, hiring a skilled team that can keep the car in its best possible condition and then hiring the best driver they can afford to drive the car when the time comes. Even if you have the best car in the world, an unskilled maintenance team or driver will lead to a third or fourth place finish at the end of the season. But if you want to win the championship, you need the best car, mechanics and driver you can afford. Moving on from the NASCAR analogy, this means: Understanding the technology that best fits your needs: on-premise, always-on, protection or an on-demand service? Customizing that technology to fit your assets. Is it just your website or the services you provide from it? What about defending your corporate network? Identifying and training a team that is capable of understanding all of the procedures in all possible scenarios that surround a DDoS attack. Continue evolving your mitigation strategy. Keep your technology state-of-the-art and provide continuous training for your team. If you follow these steps you’ll end up in the winner’s circle after mitigating another DDoS attack and not in pit row trying to figure out what went wrong. Source: http://wwpi.com/2016/10/12/a-decade-of-ddos-education-whats-changed-and-whats-stayed-the-same/

Visit link:
A Decade of DDoS Education: What’s Changed and What’s Stayed the Same

We have all heard the stories of businesses which have suffered debilitating DDoS attacks and, in some cases, succumbing altogether. Take Code Spaces, the web-based SVN and Git hosting provider which suffered such an attack in June 2014 that it was forced to wave the white flag and cease trading after recovering all the data lost would cost too much. Now, a new piece of research from A10 Networks argues businesses face ‘sudden death’ from DDoS if caught unawares. The average company was hit by an average of 15 DDoS attacks per year, according to the survey of 120 IT decision makers, with larger organisations more badly affected. One in three (33%) respondents said they had encountered DDoS attacks of more than 40 Gbps, while one in five had suffered downtimes of more than 36 hours due to the attack. The average attack of those polled lasted 17 hours. More than half (54%) of respondents said they would increase their DDoS budgets in the coming six months, while multi-vector attacks were seen by the majority of those polled (77%) as the most dangerous form of DDoS threat in the future. “DDoS attacks are called ‘sudden death’ for good reason. If left unaddressed, the costs will include business, time to service restoration and a decline in customer satisfaction,” said A10 Networks CTO Raj Jalan. He added: “The good news is our findings show that security teams are making DDoS prevention a top priority. With a better threat prevention system, they can turn an urgent business threat into an FYI-level notification.” Previous research has examined the growing sophistication of DDoS threats. In April, Neustar argued that such DDoS issues were “unrelenting”, with more than seven in 10 global brands polled having been subject to an attack. Source: http://www.appstechnews.com/news/2016/jun/16/businesses-receive-another-warning-over-threat-ddos-attacks/

Continue reading here:
Businesses receive another warning over the threat of DDoS attacks