DDoS attacks are no longer the simple brute force attack they used to be. These days they regularly form part of a much more complex attack vector and can be targeted at any business. Read on to learn more about this emerging trend in cyber-crime.
Distributed Denial of Service (DDoS) attacks are not a new thing - the first recorded denial of service (DoS) attack is reported to have occurred in 1974, around a decade before the Internet even existed. A 13 year old boy named David Dennis went down in history by writing a programme that remotely locked up multiple terminals in a university computer laboratory.
These days, DDoS attacks are not executed by bored but inventive children, they are a tool used by hacktivist groups and organised criminals alike. Banks, politicians, businesses and even reporters have all found themselves targeted in recent years as techniques have become more sophisticated and attacks have grown in magnitude. As more of our lives are conducted over the Internet, and more companies' revenue streams are being delivered through their websites, attacks that prevent access to our favourite websites have become big business.
Over the last few years, a new type of DDoS attack has been showing itself - "Dark DDoS" attacks. In these, the DDoS attack is just a smokescreen to cover other, more nefarious activities, which are undertaken while IT staff are distracted trying to stop the attack. The attacks are typically smaller in size than many traditional DDoS attacks as they are not trying to prevent access to the target resources, just hide their true purpose - data exfiltration, installation of trojans and so forth. Some of the most high profile hacks of recent years have taken place under the cover of a dark DDoS attack, including Carphone Warehouse and Talk Talk.
Experts across the industry all agree that this remains a huge potential risk for businesses of all sizes – Arbor Networks revealed that they had tracked 124,000 DDoS attacks over 18 months between January 2015 and June 2016, while Incapsula’s DDoS Threat Landscape Report 2015-2016 describes a 211% increase of attacks year-on-year. IDC’s Worldwide DDoS Prevention Products and Services Forecast 2017-2021 published in May 2017 adds to the discussion by stating that many organisations focussing on digital transformation are not including security measures as part of their planning process. This means that some businesses find themselves with inadequate levels of protection against DDoS attacks, which also leaves parts of their infrastructure open to infection to be used as part of a botnet, or network of attacking devices for future attacks.
It’s clear to see that this method of attacking websites is something that everyone should be concerned about. It’s also clear that to effectively protect yourself against DDoS, you need to find a trusted partner that can work with you to design a holistic security approach for your company. With over 10 years’ experience in mitigating DDoS attacks, and a global network of scrubbing centres to strip out malicious traffic, CenturyLink have security solutions to suit most businesses. Whether you just need protection from DDoS attacks, or a more complex managed security solution designed to protect your entire infrastructure, we can help. We’ve been recognised by Forrester as a leader in the “Forrester Wave™: DDoS Service Providers Q3, 2015”, so get in contact today and find out how we can help keep your business running and protect your valuable brand and reputation.