Distributed Denial of Service (DDoS) attacks increased by 40 percent over last year, new research found.
While frequency has increased, the duration of attacks decreased with 77 percent lasting ten minutes or less, of which 63 percent last five minutes or less, according to the survey by Corero Network Security.
Having faced one attack, one in five organizations will end up targeted again within 24 hours.
“Organizations are dependent on the Internet as a means to conduct business and deliver consumer/citizen services. Any event that affects this ability to function will have a significant impact on that business,” said Ashley Stephenson, chief executive at Corero.
“With Internet resilience coming down to a fraction of a second, it’s easy to see why DDoS attacks are considered one of the most serious threats to Internet availability today resulting in damage to a brand’s reputation, customer trust and revenue,” Stephenson said. “As short duration attacks are much quicker – with 63 percent lasting under five minutes, many organizations are failing to identify that they’ve been hit by a DDoS attack. This lack of correlation with service lagging, or even failure, leaves organizations vulnerable as they’re neither successfully mitigating the attack nor the damage that is inflicted to the customer experience, affecting loyalty and ultimately causing revenue erosion.”
Other highlights in the report include:
• Low volume, sub-saturating attacks continue to dominate (94 percent less than 5Gbps)
• While still infrequent, attacks over 10Gbps have doubled
• Organizations faced an average of 8 attacks per day in Q2 2018, an increase of 40 percent compared to the same quarter in 2017.
To keep up with sophisticated, organized, well-equipped and highly-funded attackers, it is essential organizations maintain comprehensive visibility and automated mitigation capabilities across their networks.
“Proactive DDoS protection is a critical element of proper cyber security against loss of service availability and data breach activity,” Stephenson said. “The everyday DDoS attacks that Corero has highlighted in this report cannot be properly defeated with traditional Internet gateway security solutions such as firewalls, Intrusion Prevention Systems and the like. Similarly, on-demand cloud-based DDoS scrubbing alternatives cannot achieve successful mitigation with the low-volume, short-duration attacks that are now impacting organizations every day. As organizations develop their DDoS resiliency plans, and choose their methods of DDoS protection, time-to-mitigation must be a critical factor.”
Click here to register to download the report.