Is That DDoS Attack a Smokescreen for Something Worse?

  • DDoS attacks are growing across all types of businesses.
  • Companies need CDN-level protection and mitigation solutions to protect their sites and valuable information.

Two new reports confirm that Distributed Denial-of-Service (DDoS) attacks are growing across virtually all types of business. They are often a deliberate distraction, hiding thefts of funds, data, and personal identity.

According to a new report, over half of all companies reporting DDoS attacks on their web infrastructure also reported that customer data, money, or intellectual property had been stolen while the companies’ IT teams were focused on responding to the attacks. These conclusions reveal a heightened sophistication among the hackers initiating the DDoS activities. While some attacks remain targeted toward nothing beyond disrupting the web properties for a particular business or group of businesses, some hackers use DDoS as one part of a multi-pronged attack designed to take items of real value — either in a competitive sense or in terms of real dollars.

Security Cloud

Record number of attacks across sectors

Akamai’s State of the Internet report for 4Q13 highlights the growth in attacks, the changes in attack origins, and the targeted business sectors. The report shows that 2013 saw a record number of reported attacks, climbing to over 1,000. Nearly 60% targeted websites in the Americas, followed by about 40% in Asia, and the remainder in EMEA. Enterprise and commerce combined for nearly 75% of the attacks, but high tech, media and entertainment, and the public sector were also major targets.

Looking at these reports, it is fair to conclude that different sectors are targeted for different kinds of malicious activities. If your business revolves around e-commerce, hackers are more likely to want customer information, including credit cards and other personal information, and to use that information for fraudulent purchases. For financial institutions, access to accounts and funds may be the motivation. For media and entertainment companies, intellectual property theft is an attractive target, and one that can have real impact on your bottom line.

CDN-level protection and mitigation solutions

How do you fight back? You may already have security solutions installed in your network and your data centers. Additional protection and mitigation at the Content Delivery Network (CDN) level can offer DDoS mitigation solutions at the caching layer. This protection also assists with origin cloaking, re-routing traffic away from nodes that are under attack, and improving the handling of high-volume attacks.

Understanding the evolution of DDoS and other attacks is the first step. Grasping the motivations of those eager to disrupt your business is just as important. Ultimately, it is every company’s responsibility to protect their own site and the information behind it by working with the partners who can provide the most complete, manageable solutions available.

Are you confident that your security solution is ready for the attacks documented in these new reports?

Sam Farraj Global Business Services Content Delivery & Security Platform AVP AT&T About Sam