According to the First Quarter 2014 Global DDoS Attack Report of US-based Prolexic Technologies, there has been a 47-percent increase in total DDoS attacks, with a 68-percent increase in infrastructure attacks.
DDoS is an acronym for distributed denial of service, a type of attack where multiple compromised systems are used to target a single system, causing a Denial of Service (DoS) attack.
DDoS attacks are designed to overwhelm websites by flooding the site’s origin server with bogus requests, often from multiple locations and networks, resulting in slow page loads or a complete blockage of legitimate site traffic.
The report also indicated a 133-percent increase in average peak bandwidth during the period covered.
DDoS attackers have begun making use of crimeware toolkits, a type of malware specifically designed to automate this cybercrime, to get past a portal or e-commerce website’s security.
Much of the increase is due to similar tools, including techniques for using a vulnerability in the Network Time Protocol (NTP) not only to reflect attacks but also to amplify them.
IPC (IP Converge Data Services Inc.), which provides DDoS mitigation service in the Philippines, said rapid evolution in the DDoS marketplace has made large-scale attacks easier and faster to deploy.
“This spike represents a looming threat, which is an increasing availability of new DDoS practices that ultimately make attacks much easier to deploy, allowing even less skillful hackers to launch an attack,” said Niño Valmonte, director of product management and marketing at IPC.
“For today’s black hat hackers, reflection and amplification have made it easier for them to launch attacks, as they no longer need to build large bot armies,” added Valmonte.
IPC said there is little that can be done to avoid falling victim to a DDoS attack. Anti-virus software and filtering tools such as firewalls are not capable of preventing attacks, it said.
“Some enterprises have elected to install premise-based anti-DDoS hardware equipment in the hopes of thwarting such attacks. However, this method brings with it a hefty price tag, as such appliances are not only a large capital expense but also require a special manpower skill set to operate,” it noted.
In addition, appliances have easily surmountable limitations in terms of handling attack traffic and are thus not designed to handle volumetric attacks, it said.
Also, IPC said the bandwidth capacity required to handle the onslaught of larger DDoS attacks is definitely more than what a company would require for its legitimate web traffic, and thus does not make business sense to have. One way or another, once these limitations are reached, the target website will inevitably go offline, it said.
“Other enterprises look to their telcos and Internet Service Providers (ISPs) to provide them with DDoS mitigation. While these providers would have more bandwidth than enterprises do, their core business is still the selling of bandwidth, and not network protection,” it said.
IPC said a more ideal approach would be to tap the services of a professional DDoS mitigation service provider, which has the infrastructure to support and sustain protection services.
“They utilize massive network bandwidth capacity and equipment at multiple sites, called scrubbing centers, around the world that can take in large-scale attack traffic,” it said.
“By subscribing to the service, the provider ‘scrubs’ the Internet traffic headed for a customer’s IP address and allows only clean or legitimate traffic to continue to the destination,” it added.