Distributed denial-of-service (DDoS) attacks are growing in terms of sophistication and so are the technologies in place to stop them, but large attacks will standardise soon.

 

Talking to SC Magazine, Susan Warner, market manager for DNS services and DDoS solutions at Neustar, said that as attacks and the ability to rent botnets that deliver multiple gigabyte attacks increase in size and capability, attackers will continue to raise the bar.

 

She said: “Attackers are getting smarter and there are more ways to enhance attack methods and it will continue to be an effective weapon. It is not just high profile attacks, it happens to every company.”

 

Asked if there was an attitude of 'it will never happen to me', Warner said that there definitely was, as organisations have to look at the risk and revenue impacts, customer responsibility and brand identity, and said that "this requires a holistic view, but IT say it will not bother us".

 

She said: “The media cover the large attacks as they look at what has happened to the US banks, but people say 'this won't happen to me'.”

 

Warner said that attacks are also becoming flexible, and attackers will switch from a volumetric attack to an application layer type and thenback to a volumetric type. In its survey of 704 businesses, Neustar discovered that 33 per cent of UK respondents had experienced an attack in the last 12 months, and that 70 per cent of attacks lasted a day.

 

The survey found that of those respondents who had DDoS protection solutions in place, the number who did not have anything in place to mitigate attacks had dropped from 25 per cent in 2011 to eight per cent in 2012.

 

It also found that attacks had been seen at up to 120Gbps, the average was 50Gbps, but sometimes attacks were one to two Gbps. Warner said: “It is really frustrating to go down for multiple days; it creates uncertainty with your customers and they go to find out what is happening and it creates a problem for the organisation, and this can be a customer service nightmare.

 

“A one to two Gbps attack can be enough to take down a website, while 15 per cent of respondents said that attacks were at least 20Gbps, and that will cause a lot of damage to a large organisation. The Spamhaus attack was 310Gbps, and the next attack will be larger.”