Cyberthreats evolve at the same pace as technology, and denial-of-service attacks are no different. Distributed denial-of-service attacks are increasing in both frequency and sophistication, according to John Pescatore, director of emerging security trends at the SANS Institute, a cybersecurity training organization based in Bethesda, MD.
Attackers now use a mix of DDoS techniques, which makes incident response planning even harder. The traditional brute force attacks or floods of syn packets are augmented with Web application-layer attacks and resource depletion attacks. These DDoS attacks are often used by malicious actors as one component of advanced targeted attacks to divert resources and deflect detection. Some DDoS attacks involve extortion attempts with threats of amplification if demands are not met. “The bottomline is that every enterprise has to have an approach to mitigating DDoS attacks,” Pescatore said. A 2014 DDoS Attacks Advancing and Enduring: SANS Survey showed that almost 60% of respondents indicated that their companies had DDoS mitigation plans in place. That means that 40% of those surveyed did not have clear DDoS defense strategies.
Many DDoS attack are minor annoyances. The impact of a successful DDoS attack can be quite damaging, however, particularly when business services are interrupted for some period of time. Enterprises face response, cleanup and opportunity costs associated with a DDoS incident, but for most businesses the interruption of revenue is the largest cost. Senior security management can improve the odds for successful mitigation by working with network operations staff, IT security professionals and other stakeholders to develop and test DDoS defense plans.
In this video, Pescatore describes the latest DDoS attack trends and explains how to avoid common pitfalls in local and cloud-based DDoS mitigation strategies.
John Pescatore is director of emerging trends at SANs Institute. A former vice president and distinguished analyst at Gartner, Pescatore has over 30 years of experience in computer, network and information security. Prior to Gartner, he was senior consultant for Entrust Technologies and Trusted Information Systems and a security engineer for the U.S. Secret Service and the National Security Agency.