The WHIR ran an article years ago entitled, “Report: Short DDoS Attacks Can Have Lasting Security Impact,” in which they delved into the security risks of short DDoS (distributed denial of service) attacks.
Typically, what we’ll see on web hosting forums are OP’s (original posters) asking about levels of protections. On the other side of the coin, what we see routinely advertised is either DDoS protection services citing no specifications or something like 20 Gbps protection. The prevailing trend is that more, for example, 50 Gbps protection is better, and it is for specific types of attacks, but not all.
Has your business been the victim of a Trojan Horse?
I’ve never read any discussion of security risks posed by short DDoS attacks, which makes this article so interesting. As the article lays out, short, low-volume attacks can act as Trojan Horses, allowing cybercriminals to disseminate harmful malware.
In this scenario, the goal of these types of attacks is to obstruct IPS (intrusion prevention systems) and firewalls, distracting that business’s IT security personnel long enough for them to install their malware and pilfer their data.
Just how prevalent are these types of attacks?
According to Corero, over 70% typically lasted under ten minutes and nearly the same percentage were under 1 Gbps. The reasoning for this is conjectured to be that these cybercriminals don’t want to show their hands via large scale attacks that could cripple a website. Why not? It allows them an avenue to test for vulnerabilities at little risk of being detected.
Getting in and out avoiding detection – the reality of most cloud based DDoS solutions
The article points out that the majority of cloud-based protections won’t even identify DDoS attacks lasting under ten minutes. The consequence? Cybercriminals are able to sow their damage, and get in and then back out without raising any eyebrows or security concerns. It’s theorized that this tactic could be utilized as a testing ground preceding later full-scale attacks.
The stakes in Europe get raised this upcoming year
Like everyone else who tracks these types of events, we’ve become accustomed to hearing about breaches of security, but defending your business against data theft throughout Europe poses (potential) severe penalties per the EU’s policy, GDPR.
Ok, so how often do these types of attacks actually occur?
According to Corero, organizations are currently victims of these types of attacks, on average, four times a day. Think about that number for a second because it equates to almost 1500 attacks per year! And these types of attacks are growing every quarter. It’s reported they grew by 9% every year, with the majority of those low in volume and short in duration. Conversely, attacks greater than 10 Gbps grow over fifty percent.
Brought to you by ProlimeHost
We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.
VPS Services: Lightning Fast SSD Virtual Servers
Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.
That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.
Now is the time to join the ProlimeHost virtual private server revolution.
Dedicated Servers: Backed by a 99.9% SLA network uptime guarantee
We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.