Fact Versus Fiction in Modern DDoS Attacks and Defense Strategies
Adaptive DDoS requires new ways to strengthen defensive capabilities and mitigate cybersecurity risk.
Did 300 ancient Spartan warriors hold off tens of thousands of Persians at Thermopylae? Probably not. Did George Washington chop down his father’s cherry tree and then confess because he was unable to lie? Nope. Did Paul Revere ride alone shouting the British were coming? Not exactly: Factually, it was five people who sounded the alarm, but only Paul Revere got mentioned in a fictitious poem 85 years later.
Luckily, when it comes to distributed denial-of-service (DDoS) attack myths and misunderstandings, we don’t have to guess between fact and fiction. Today, there are very smart experts who know and can speak the truth. They have firsthand knowledge about defensive strategies, best practices for DDoS protection, and how leading organizations are strengthening their cyberdefenses.
NETSCOUT Director of Security Solutions Gary Sockrider and Senior Sales Engineer Jeff Hauk deliver just that in “You Think You Know DDoS? Think Again,” part of our Problem Solvers Series. Sockrider and Hauk share their extensive industry and customer experiences regarding the evolution of modern DDoS attacks, debunk some myths, clarify some common misunderstandings, and suggest some new ways to strengthen defensive capabilities and mitigate cybersecurity risk.
Fiction: DDoS Attacks Have Declined in Relevance
For starters, reports of the decline in relevance of DDoS attacks are untrue. Sockrider shares that NETSCOUT saw more than 13 million DDoS attacks in 2022—and that is just a subset of all the attacks made that year. He notes that modern DDoS attacks are more complex and sophisticated than traditional DDoS of the past. Modern DDoS attacks often mask other forms of cyberattacks as bad actors seek out vulnerabilities to exploit by using multiple attack vectors. In fact, NETSCOUT has observed as many as 30 different attack vectors in a single campaign, which led to the new term “adaptive DDoS.”
NETSCOUT’s approach is to integrate into the security stack and function as a team player that enhances other security solutions and tools. Whether it is integrating with security information and event management (SIEM) solutions, accepting indicators of compromise (IOCs) from other third parties, protecting stateful devices such as firewalls so they can do what they were meant to do, or utilizing unique global threat intelligence and expertise from NETSCOUT, the goal remains the same: to mitigate risk and protect information, applications, systems, and people from harm. By utilizing an intelligent combination of on-premises and cloud-based DDoS protection that automatically identifies and stops all types of DDoS attacks and other cyberthreats before they impact business-critical services, NETSCOUT plays a dual role of thwarting modern DDoS attacks and making other parts of the cyberdefense stronger.
Fact: Adaptive DDoS Requires Adaptive Defense
Hauk and Sockrider stress that the dynamic nature of cyberattacks coupled with the always-changing nature of any network means that continuous adjustments, constant reassessments, and perpetual diligence are required. Organizations must constantly evolve their DDoS defense strategies to keep pace with rapidly changing attack tactics and strategies of criminal actors and nation states. Every change creates potential new vulnerabilities, and every action creates a reaction in the high-stakes competition of cyberattacks and cyberdefenses.
Adaptive DDoS attacks require a new posture of DDoS suppression enabled by edge-to-edge visibility to suppress DDoS attack traffic as it hits multiple points across the entire network edge or before it converges into a large-scale attack. Regardless of the scope and scale of your environment, you need unique and unlimited visibility, across all attack surfaces, so that you are continuously aware of your own vulnerabilities and know what bad actors are doing and have done to penetrate your cyberdefenses.
As both Hauk and Sockrider indicate, you can’t stop what you can’t see—and that’s a fact.