A new global survey by Kaspersky found that Distributed Denial of Service (DDoS) attacks have doubled over the last year. The research emphasised how any organisation, regardless of its size, type or location, can be seriously impacted by such attacks. It also reported that DDoS attacks have had a long-lasting impact on businesses, with 26% of organizations saying those attacks had a long-term effect on their services. Indeed, the aftermath of DDoS attacks can leave a company scrambling to regain customer trust and rectify brand damage, in addition to the financial impact.
However, while most DDoS attacks try to disrupt a site’s performance and usability, Kaspersky has noticed a new motive behind them – corporate data theft. This is not surprising as DDoS attacks are increasingly used as a smokescreen to camouflage other cyber-attacks, including data breaches and financial fraud. The disruption caused by the DDoS attack can expose weaknesses in organizations’ cyber defences or overwhelm other security tools, like firewalls or IPS/IDS, opening the door for cyber criminals to plant malware or steal sensitive information. With all this in mind, it is important to remember that DDoS attacks are often used as a springboard for more damaging cyber threats or data theft, and are therefore something that all security professionals should be alert to.
DDoS attacks are becoming more sophisticated, deceptive and frequent, and finding ways to bypass traditional security measures. In many cases, rather than trying to cause an outage, attackers seek to merely distract security staff with short, sub-saturating DDoS ‘noise’, which allows them to map the network for vulnerabilities, install malware, or access sensitive information. These increased threats mean that defending against DDoS attacks is a top security priority for any organisation that relies on the Internet to conduct business. The only proper defence against today’s sophisticated attacks is to use an automatic, real-time DDoS mitigation system, which can monitor and mitigate DDoS traffic automatically to eliminate service outages and allow security personnel to focus on uncovering any subsequent malicious activity, such as data breaches. This type of in-line, always-on protection can come in various forms – either on-premises, or purchased as a security service from an upstream provider. It is only through deploying these real-time solutions that organisations will be able to identify and mitigate the most serious DDoS attacks on their networks in the years ahead.
To find out more, please contact us.