A distributed denial of service attack or DDoS is an old-fashioned digital invasion which is now increasingly being used by cyber criminals to spam websites and cause collateral damage.
In the last 12 months, almost 75 per cent of all global firms suffered a DDoS attack, said findings from a study by American tech company Neustar which provides real-time information and analytics to telecom, entertainment and other companies.
Hackers are launching these digital invasions by slipping malware into corporate networks. Once infected, the malware can be used to trigger DDoS attacks to cripple machines or network resources elsewhere by flooding them with requests from multiple IP addresses.
While corporate cyber security professionals are occupied with keeping the networks “alive”, cyber thieves sneak in to steal customer details and credit card information. Worse, the hackers can use the DDoS for extortion purposes.
Neil Wu Becker, of A10 Networks, points out that DDoS strikes stun companies so that digital thieves can get unauthorised data. So businesses must be prepared as such attacks are rising in sophistication and intensity, he added.
“The attacks are multi-vector. Hackers can hit the switch at the network layer, the Internet bandwidth or the server’s central processing unit. This is like cutting off the oxygen, leaving the network unable to breathe,” he explained.
“In total, it crashes or dramatically slows down the network allowing the bad guys to create more impactful harm,” said Becker, A10’s global head of solution strategy.
Headquartered in the United States, the company is a leader in application networking and security.
In particular, attacks on the network bandwidth have been rising. Becker highlighted two attacks last month which disrupted two businesses.
Cybersecurity portal Krebs On Security was hit with 660Gbps of malicious traffic while French Web hosting company OVH.com was flooded with traffic amounting to almost 1Tbps.
“Earlier in the year, the average attack was 30Gbps to 40Gbps, now we’re seeing a spike in speed. We expect future attacks to be much faster,” said Becker.
An A10 survey of 120 North American companies undertaken with research firm IDG Connect found that, on average, attacks led to 17 hours of downtime including slowdowns, denied customer access or crashes.
“Our survey shows that companies suffer from an average of 15 attacks in the past 12 months. That is a lot of wasted time. For companies this means loss of productivity and business opportunities as well as reputation loss.”
Becker was speaking to Techgoondu at GovWare 2016, which was being held this week at Suntec Convention Centre as part of Singapore’s International Cyber Week.
A10 launched two security appliances at GovWare that can block DDoS attacks to stop disruption. They seek to detect and mitigate the digital incursions and function as the first line of defense for the network infrastructure.