Distributed-denial-of-service (DDoS) attacks are sophisticated attacks designed to flood the network with superfluous traffic. A DDoS attack results in either degraded network performance or an outright service outage of critical infrastructure.
The length of a DDoS attack varies. Attacks like the Ping of Death can be short. The Slowloris attack takes longer to develop. According to a Radware report, 33 percent of DDoS attacks last an hour; 60 percent last less than a full day; and 15 percent last as long as a month.
There are many motives for DDoS attacks, ranging from disruption of services to espionage and cyber warfare. Some common motives include:
While DDoS attacks are a threat to all businesses and all industries, DDoS attacks most often target the following:
Defending against DDoS attacks is a crucial part of securing your network. You must deploy a complete and holistic IT approach that uses components capable of seamlessly working together in an integrated platform.
Denial-of-service attacks were originally used by hacktivists to disrupt network access. Today's DDoS attacks are more sophisticated and far more damaging, and the number of DDoS attacks is expected to double to 15.4 million by 2023. The following trends have resulted in escalating damage.
IoT botnets are being harnessed to launch massive, volumetric DDoS attacks that can quickly overwhelm networks.
Sophisticated application-layer (L7) attacks exhaust server resources and bring services to a standstill. L7 has become the attack vector of choice.
An estimated 90 percent of internet traffic is now encrypted, and attackers are using encrypted traffic to launch a flood of powerful SSL DDoS attacks.
Primarily due to botnets, the volume of DDoS attacks continues to grow. The Dyn DDoS attack in October 2016 was 1.2 Tbps. Just over three years later, AWS observed a 2.3 Tbps UDP reflection attack that is believed to be the largest DDoS attack in history.
Another troubling trend is the widespread availability of tools that help malicious actors launch devastating DDoS attacks easily, quickly, and inexpensively. These include tools to: