This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

DDoS attacks: half of targeted firms get hit again

Share this article:

Two new reports reveal that DDoS attacks are not only getting bigger- now logged between 250 and 325 Gbps, but that these attacks often target the same organisation more than once.

DDoS attacks grow as first DIY kits emerge
DDoS attacks grow as first DIY kits emerge

The business challenge presented by DDoS attacks hit the spotlight once again this morning, after a research analytics firm revealed that 35 per cent more firms were hit by attacks during 2013 than in 2012 - and with 28 per cent of logged attacks seen last years lasting two days or more.

The most revealing takeout from the Neustar analysis - the firm's second annual report, entitled `DDoS Attacks & Impact Report - 2014: The Danger Deepens' - is that once attacked, there is an estimated 69 percent chance of a repeat attack.

And whilst 31 per cent of these companies were DDoS-attacked once, over 48 percent said they had been targeted between two to 10 times.

Neustar's figures confirm Arbor Networks' report - released last week - which saw a record 325 Gbps attack hit a French organisation earlier this year, with a massive spike logged by the research division of the DDoS remediation firm on the first quarter of this year.

Arbor says that it 72 attacks larger than 100 Gbps in size and volume, as well as 50 percent more attacks in the first quarter of 2014 than the entirety of 2013.

Back at Neustar, the research company claims that 32 percent companies hit by a DDoS attack last year estimated the events had cost them more than £240,000 per day during the outage. Additionally, the reports notes larger DDoS attacks are becoming more frequent with a 200 percent increase in attacks affecting bandwidth of between 1 and 20 Gbps.

For its research, Neustar took in response from 331 companies in the UK, across a range of public and private sector organisations. The company says its results show that DDoS attacks disrupt multiple business units - with public-facing areas like call centres, customer service and marketing operations absorbing more than 40 per cent of DDoS-attack related costs.

This high cost may because these business functions are key revenue earners in most commercial companies, notes, but the report also cautions that DDoS attacks are now being used as smokescreens for other attacks - an attack vector that security researcher Brian Krebs has reported on several times over the last 12 months.

Rodney Joffe, Neustar's senior VP and technology fellow, said that organisations must remain constantly vigilant and abreast of the latest threats.

"As an example, Neustar's UltraDNS network suffered an attack just last week peaking at over 250 Gbps – a massive attack by industry standards. Even with proper mitigations in place, the attack caused an upstream ripple. It is a constantly changing threat landscape,"he noted.

According to Mark Teolis, general manager with DOSarrest, a DDoS remediation specialist, the key problem with the latest generation of attacks is not just the volume and bandwidth used, but their general sophistication, with Layer 7 attacks now being seen in the mainstream.

Layer 7 is the highest of the seven IP layers defined under the OSI (Open System Interconnection) model and represents the application layer - the location on the computing resource where data both originates and returns.

Speaking with last week at the Infosecurity Europe show, Teolis said his firm's latest software has been enhanced to deal with these latest Layer 7 attacks, by combining IDS (intrusion detection systems), load balancing, WAF (web application firewall) and DDoS mitigation under a single IT umbrella.

Using an IDS, he explained, allows security professionals to pinpoint sophisticated layer 7 attacks, as well as provide cloud based WAF services.

"Using these approaches - coupled with spreading the load across multiple cloud resources - significantly mitigates the effects of even the highest volume DDoS attack," he said.

Keith Bird, UK managing director with Check Point, told that DDoS attacks have been used as a hacktivist weapon for several years – and, as this research illustrates, now the net is widening to businesses at large.

“We are seeing smokescreen-type attacks, and also more complex, multi-vector attacks on Web sites that combine DDoS with account tampering and fraud attempts,” he said adding, that, whilst these are difficult to defend against, firms should consider contingency and remediation plans in the event of such attacks.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...

'Sophisticated' Chinese hackers launched attacks against 43,000 computer systems

'Sophisticated' Chinese hackers launched attacks against 43,000 computer ...

A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.