The Old Ways Are Not Good Enough Against Modern DDoS Attacks
The medieval castle became the fortification of choice in the Middle Ages, and attack strategies evolved into scaling ladders, battering rams, siege towers, catapults, and mining tunnels. Large-scale mobile armies during the industrial warfare of the late 19th and early 20th centuries saw infantry weapons capable of high rates of fire, high-velocity breech-loading artillery, armored warfare, and aircraft rapidly evolve to counter the strength in numbers of infantrymen.
Modern DDoS Warfare: New Strategies Required
Today, modern DDoS attacks are evolving more rapidly, utilizing hybrid application-layer and botnet-based direct-path methodologies creating complex multivector attacks, and causing rapid shifts in traditional defensive strategies, tactics, and thinking. This new battleground may not always have the loss-of-life risk of traditional human warfare, but it does involve the loss of livelihoods, intellectual property, productivity, brand, money, safety, and security for customers, prospects, employees, and constituents.
The stakes are extremely high, and failure to adapt and defend against new DDoS attack approaches will hurt your organization—a lot. Even the U.S. Department of Homeland Security has noted the tenfold increase in the scale of DDoS attacks, warning that all organizations that rely on network resources are potential targets of DDoS attacks and that it is not clear if current network infrastructure could withstand future attacks if they continue to increase in scale.
Key findings from the most recent NETSCOUT DDoS Threat Intelligence Report include the following:
- Tens of millions of users were denied access to critical resources and information from DDoS attacks in 2022.
- Millions of bots launched hundreds of thousands of attacks on enterprises and service providers alike, many of which caused significant disruptions.
- HTTP and HTTPS application-layer attacks increased by 487 percent since 2019.
- Direct-path DDoS attacks grew by 18 percent since 2020.
- Carpet-bombing DDoS attacks increased by 69 percent year over year.
- DNS query flood attacks increased by 67 percent year over year.
Arm Yourself with Advice from the Experts
In “Smartly Using Global Threat Intelligence in the Fight Against Modern DDoS Attacks,” part of our Problem Solvers Series, NETSCOUT Senior Security Engineering Manager Richard Hummel and Security Chief Solutions Architect Andrew Cockburn lead a compelling discussion on specific and essential things an organization needs to do to defeat modern DDoS attacks. They lead a discussion that should open the eyes and remove the earplugs of people who think that yesterday’s defensive strategies are good enough for today’s DDoS attacks.
Hummel eats and breathes cyberthreat intelligence daily and understands the power and potential it has to support and enhance cyberdefense strategy, development, and execution. He discusses in great depth NETSCOUT’s Active Threat Level Analysis System (ATLAS) Intelligence Feed (AIS), which delivers unique visibility—you can’t get anywhere else—into nearly half of all internet traffic, correlated into meaningful, understandable, and usable intelligence to enable organizations to better understand, defend against, and react to threats. NETSCOUT’s global visibility, he notes, provides massive global telemetry built on more than two decades of service provider traffic from hundreds of different service providers seeing DDoS attacks in more than 93 countries every day. Almost every DDoS attack launches from or to a broadband access subscriber network—and NETSCOUT sees most of them. By seeing attacks all around the world from the source of the attacks, Hummel states, NETSCOUT can take those 320 million IP addresses down to a more manageable 500,000 and feed them into all our DDoS-defense products.
Cockburn is a highly experienced subject matter expert who spends most of his time with customers battling DDoS and other cyberattacks. His customers find the ability to knock down 80 to 90 percent of any given botnet attacks based on information from our botnet feed very powerful. He notes that among the customers he meets with there has been a shift in defensive approaches to leverage our well-curated threat intelligence to defeat large swaths of attacks via on-premises protection. Although there is a learning curve with customers, Cockburn adds, most want to control their own destiny by blocking harmful attacks themselves without having to request upstream help for nonvolumetric attacks. He emphasizes that active preparation and strategic thinking about adversaries, their methods, and approaches are what differentiates those who are most successful against DDoS attacks in the modern world.
Hummel and Cockburn also offer additional timely and extremely helpful insight and advice on how to refine your defensive strategies to be more effective against modern sophisticated cybercriminals. So, modernize and adapt your thinking and defensive approaches for DDoS attacks to reflect the way the world really is, rather than what it used to be last year, last month, or even yesterday.
Your castle is no longer safe, and your adversaries know this all too well.
Learn more from Hummel and Cockburn in “Smartly Using Global Threat Intelligence in the Fight Against Modern DDoS Attacks,” part of our Problem Solvers Series.