Are You in Denial About DDoS Attacks?
Don’t think your organization is vulnerable to DDoS attacks? This report may make you think again. What can you do to reduce your risk of being compromised?
17 November 2014
Don’t think your organization is vulnerable to a distributed denial–of-service attack (DDoS)? Perhaps not. But a recent Internet security report released by Akamai Technologies may make you think again.
In its Q3 2014 State of the Internet, the Web content delivery optimizer revealed that the size and volume of distributed denial-of-service attacks surged year-over-year — and that hackers have opened up a new front by exploiting embedded devices that feature the widely used ARM microprocessor. The chip is commonly found in embedded devices.
Akamai reported 17 DDoS attacks of more than 100 gigabits per second just in the third quarter of 2014, including one at a massive 321 gigabits per second. “The size and volume of DDoS attacks have gone through the roof this year," said John Summers, vice president of Akamai’s security business unit, in a statement.
But DDoS attacks are not just getting bigger and badder. They’ve gotten smarter, too.
According to Akamai, highly sophisticated assaults that employ multiple attack vectors to overwhelm targeted websites were the norm during the quarter. Some 53 percent of attacks use multiple attack vectors. Easy-to-use attack tools and the rise of an illicit DDoS-for-hire industry are feeding this trend, according to the company.
Akamai’s numbers tell the story — and they offer a compelling case for reexamining your organization’s cybersecurity. Compared to the same period a year ago, Q3 2014 saw:
- A 22 percent increase in total DDoS attacks
- A 389 percent increase in average attack bandwidth
- A 366 percent increase in average peak packets per second
- A 44 percent decrease in application layer attacks
- A 43 percent increase in infrastructure layer attacks
- A 5 percent increase in average attack duration
- A 9 percent increase in multi-vector attacks
Akamai told IDG News Service that technology, media, and online entertainment companies were among the top DDoS targets, with most attacks emanating from the U.S. (nearly 24 percent), China (20 percent), and Brazil (18 percent).
New Reasons for Worry
As if there wasn’t enough to worry about, the hackers are now reaching beyond PCs and servers for other devices to create botnet battalions with which to mount DDoS attacks. They are focusing their efforts on smartphones and embedded devices such as customer-premises equipment, home cable modems, mobile devices, and Internet-enabled devices, according to Akamai. The company told IDG News Service that Q3 2014 marked the first time Akamai had seen botnet attacks involving the ARM chip.
Since many of these devices are unmanaged, with outdated software and firmware, they are vulnerable to manipulation by attackers. So what can you do to reduce your risk of being compromised?
- Start by keeping firmware and software updated. Make it a key part of your efforts to keep attackers from exploiting potential vulnerabilities.
- If you haven’t invested in an anti-DDoS solution, consider doing so. Waiting until you are under attack is no time to start researching vendors.
- Finally, take corrective security measures by implementing best practices. This could mean backstopping firewalls with additional security software, running automatic updates of anti-virus and malware programs, or simply making DDoS part of your business continuity plan.
Steff Gelston is a professional journalist whose editorial career spans magazines, newspapers, and websites. She spent five years at International Data Group (IDG), including three years as a senior editor at CIO magazine with coverage oversight of IT staffing and the mid-market. Before joining IDG, Gelston was an assistant business editor at The Boston Globe. She has also worked for Inc.com, the Boston Herald, and the Boston Business Journal.