Bad actors are constantly changing and improving the efficacy of their methods, and that of course includes distributed denial-of-service (DDoS) attacks. But last year was unique: instead of the hackers changing, the world changed for them, and DDoS attacks peaked at an all-time high. Now, with many of the changes (such as remote working) here to stay, the pressure is on for businesses to find permanent, distributed network security solutions that protect their people and their service performance in the new way of working.
2020 saw unprecedented DDoS attack activity. For the first time in history, the annual number of observed DDoS attacks surpassed 10 million, and this record-breaking DDoS activity has surged into 2021. This is perhaps no surprise: The digital shift caused by the COVID-19 pandemic saw nearly every business in the world become completely reliant on their VPNs, firewalls, and load balancers—obvious weak spots, and prime targets for attackers.
All these devices are “stateful,” making them particularly vulnerable to DDoS attacks. One such attack is a state exhaustion. These can be small and short-lived—in fact, just a couple of hundred megabits per second throughput for a few minutes can take down an entire VPN gateway.
And although these DDoS attacks were large in number, they were also accurate at striking pandemic-driven vulnerabilities. According to NETSCOUT’s 16th annual Worldwide Infrastructure Security Report, 75 percent of enterprises reported DDoS attacks on key pandemic infrastructures such as routers, firewalls, and VPN concentrators. Furthermore, the report found that 83 percent of enterprises that suffered a DDoS attack also reported that firewalls and/or VPN devices contributed to outages.
Lasting Changes
As the end of lockdown comes into view for many countries, it’s becoming clear that the changes to the way we work that drove these attacks will outlast COVID-19. Dutch lender Rabobank predicts its employees will continue to work from home 40 to 50 percent of the time, and the UK’s Nationwide has committed to making its telework changes permanent.
Like the pandemic, this shift impacts not only how companies interact with their staff but also how they interact with their customers, who won’t stop taking advantage of rapid online self-servicing and automation once off-line capabilities resume.
The network has become one with the business, and so the risks of DDoS attacks (such as increased costs, lost revenue due to service downtime, or a hit to reputation) are greater than ever, impacting the delivery of all your digital services.
A Permanent Solution
These temporary weak spots have become permanent, so organizations need to look to expert solutions they can rely on to assure digital business services against disruptions in availability, performance, and security.
The industry best practice for protecting VPN gateways and other stateful devices critical for remote function is to roll out an on-premises “stateless” solution.
NETSCOUT uses stateless packet processing technology, and by deploying one of its advanced defense solutions at the network perimeter (behind the internet router and in front of stateful devices such as your VPN gateway), you can instantaneously detect all types of DDoS attacks, including state exhaustion attacks, before any damage is done.
Distributed working elevates the security risks of your network, but remote work is here to stay. This means the onus is on firms to achieve permanent security to ensure their network is more secure, more performant, and more protected than ever before.
Learn more about network security