Almost Half of Companies Lack DDoS Response Plans

Sean Leach | Jun 03, 2014

It’s tempting to see the threat of distributed denial of service (DDoS) as noise in the background of cyber security discussions, but don’t be fooled. Any risk to your critical Web infrastructure can have a severe impact to your business, and given that the frequency, scale and sophistication of these types of attacks are increasing, the threat is very real.

Data from a recent Verisign-commissioned study conducted by Forrester Research shows that many enterprises aren’t taking steps to protect themselves -- even as high-profile DDoS attacks continue to make headlines. Only 57 percent of respondents reported that they currently had a DDoS response plan in place, and 53 percent indicated difficulties when attempting to detect and mitigate DDoS and DNS threats against multiple systems and ISP links.

DDoS attacks are getting harder to prevent.  Below are a few reasons for that:

  1. They’re happening more: The sheer number of attacks has doubled in the past year.
  2. They’re getting bigger: Volumetric attacks, a classic DDoS method, have grown massively in scale over the past year. The industry has recently seen DDoS attacks that peaked at 400 Gbps.
  3. They’re getting more sophisticated: Application-level attacks targeting DNS systems, HTTP, SSL and other layer-7 services, are now nearly as common as volumetric attacks. In addition, multi-vector attacks – combining volumetric and application-level attacks – are becoming increasingly common, adding to the problem.

Even more concerning is the fact that any type of organization could be at risk, regardless of its size or industry. According to the Forrester study, firms in the technology market were just as likely to have been hit by DDoS attacks as those in the financial services industry, with those in manufacturing, consumer packaged goods and retail following. There is also a common misconception that DDoS attacks (most notably DNS-based DDoS attacks) target only larger companies. In fact, attackers often target smaller organizations because they know they are less likely to have DDoS protection plans in place.

Today, many organizations attempt to defend themselves with mechanisms that cannot provide optimum protection. The Forrester study showed that 21 percent of IT professionals rely on firewalls and IPS for remediation – a significant problem, as these solutions were never designed to combat DDoS attacks and have limited flexibility in combating volumetric attacks. Moreover, companies often mistakenly think they can rely on bandwidth overprovisioning for protection, when in reality, it is an expensive and inefficient defense mechanism as today’s large attacks are usually no match.

Given the reported lack of sophisticated mitigation defenses combined with inadequate resources, it is easy to see why DDoS and DNS attacks are common – and so damaging.  Fortunately, companies today have several choices when it comes to protection. Outsourcing DDoS and DNS protection to a cloud-based provider can be a great solution as it allows for upstream resources to be protected from attacks, eliminates any issues with bandwidth in the case of an attack, and frees up IT personnel to focus on other issues.

To learn more about whether your infrastructure is capable of handling a multi-vector DDoS attack, join me and Forrester Principal Analyst Rick Holland for a webinar on June 19, during which we will present an overview of DDoS trends, the Forrester research, and tips for IT security and operations professionals on how to improve DDoS attack readiness.

Register now for “Is Your Infrastructure Capable of Handling a Multi-Vector Attack” on June 19.

Does your organization have a DDoS protection strategy in place?