Short, Stealthy, Sub-Saturating DDoS Attacks Pose Greatest Security Threat to Businesses
05 June 2017 - 6:00PM
Business Wire
New DDoS Trends and Analysis Report warns of
“Trojan Horse” DDoS Attacks intended to disrupt and distract
network operators from more destructive security threats
The greatest DDoS risk for organisations is the barrage of
short, low volume attacks which mask more serious network
intrusions, according to the latest DDoS Trends and Analysis report
from Corero Network Security (LSE: CNS), a leading provider of
real-time DDoS defense solutions.
According to new Corero research, which highlights DDoS attack
attempts against its customers, short, frequent, low-volume DDoS
attacks continue to dominate. Despite several headline-dominating,
high-volume DDoS attacks over the past year, the vast majority
(98%) of the DDoS attack attempts against Corero customers during
Q1 2017 were less than 10 Gbps per second in volume. In addition,
almost three quarters (71%) of the attacks mitigated by Corero
lasted 10 minutes or less.
Due to their small size, these sub-saturating attacks tend to go
undetected by IT security staff and many DDoS protection systems.
However, they are just disruptive enough to knock a firewall or
intrusion prevention system (IPS) offline so that the hackers can
target, map and infiltrate a network to install malware and engage
in data exfiltration activity.
Ashley Stephenson, CEO at Corero Network Security, explains:
“Short DDoS attacks might seem harmless, in that they don't cause
extended periods of downtime. But IT teams who choose to ignore
them are effectively leaving their doors wide open for malware or
ransomware attacks, data theft or other more serious intrusions.
Just like the mythological Trojan Horse, these attacks deceive
security teams by masquerading as a harmless bystander – in this
case, a flicker of internet outage – while hiding their more
sinister motives.”
Sub-Saturating DDoS Attacks: The Calm Before The Storm
In total, Corero customers experienced an average of 124 DDoS
attack attempts per month, equivalent to 4.1 attacks per day during
Q1 of 2017. This is a 9 percent increase in attacks over Q4
2016.
Stephenson continues: “Rather than showing their capabilities in
full view, through large, volumetric DDoS attacks that cripple a
website, using short attacks allows bad actors to test for
vulnerabilities within a network and monitor the success of new
methods without being detected. Most cloud-based scrubbing
solutions will not detect DDoS attacks of less than 10 minutes in
duration, so the damage is done before the attack can even be
reported.”
“As a result, the raft of sub-saturating attacks observed at the
beginning of this year could represent a testing phase, as hackers
experiment with new techniques before deploying them at an
industrial scale.”
While low volume attacks remain the norm, Corero recorded a
significant (55%) increase in large DDoS attacks of more than 10
Gbps per second, in Q1 of 2017, compared to the previous quarter.
In addition, while the majority of attacks recorded lasted less
than 10 minutes, the data also revealed a slight increase in
attacks lasting 20 minutes or longer, with these attacks now
accounting for nearly a quarter (22%) of all the attacks
recorded.
Increased Risks For EU General Data Protection Regulation (GDPR)
From May 2018, any organization that operates in Europe or has
European resident data could be subject to severe penalties of up
to 4 percent of global turnover if they fail to protect the data of
EU residents.
Stephenson states: “With GDPR on the horizon, the risk of data
theft resulting from sub-saturating DDoS attacks is extremely
serious, and claiming to be ignorant of malicious activity on your
network will not substitute a defence. To keep up with the growing
sophistication and organization of well-equipped and well-funded
threat actors, it’s essential that organizations maintain a
comprehensive visibility across their networks to detect and block
any potential DDoS incursions as they arise.”
For access to the complete Corero DDoS Trends report, download
it here.
About Corero Network Security
Corero Network Security is the leader in real-time,
high-performance DDoS defense solutions. Service providers, hosting
providers and online enterprises rely on Corero’s award winning
technology to eliminate the DDoS threat to their environment
through automatic attack detection and mitigation, coupled with
complete network visibility, analytics and reporting. This industry
leading technology provides cost effective, scalable protection
capabilities against DDoS attacks in the most complex environments
while enabling a more cost effective economic model than previously
available. For more information, visit www.corero.com.
View source version on businesswire.com: http://www.businesswire.com/news/home/20170605005149/en/
Elevate Communications
Matthew Farhadi, 617-981-9637
mfarhadi@elevatecom.com