A combination of factors is driving the trend of DDoS attacks, including the emergence of IoT and mobile botnets, the easy availability of for-fire services in criminal marketplaces, and an increase in criminal actors seeking to monetize DDoS attacks. Here are the basics you need to know about DDoS:
1. DDoS attacks are growing in popularity. There were 7.5 million attacks in 2017. Kaspersky Lab estimated that 33% of organizations faced a DDoS attack last year from just 17% in 2016.
2. IoT devices can be used in DDoS attacks. Attacks that leveraged IoT devices were favored heavily by cybercriminals in the last year. These attacks have been effective, and the proportion of enterprises experiencing revenue loss due to DDoS nearly doubled in 2017.
3. DDoS attacks have become shorter, more powerful, and more persistent. They are no longer just a way to disrupt a victim’s services—they are being used to extort money, or as a distraction to hide other malicious activity and as a tool to hurt competitors
4. You can conduct a DDoS attack if you can pay. There are web services that are fully functional web applications that allow registered customers to manage their balance and plan their DDoS attack budget. A common occurrence we see is with online gamers. Some developers even offer bonus points for each attack conducted using their service. Essentially, cybercriminals have their own loyalty and customer service programs. As of March 2017, a DDoS attack lasting 10,800 seconds will cost the client $60, or approximately $20 per hour.
5. Automation is the first line of defense. 88% of service providers already use intelligent DDoS mitigation solutions as part of their strategy. Firewalls and intrusion prevention systems that come with some built-in DDoS mitigation are not sufficient; organizations should also consider some of the on-premises, in-cloud, and hybrid DDoS mitigation options currently available.
When DDoS attacks happen, service providers are left to pick up the pieces, which can and often does cost thousands upon thousands of dollars. If you’re a service provider, contact us today (303-678-1844 or firstname.lastname@example.org) about how we can help you with DDoS protection.