The report - `DDoS Mitigation: Best Practices for a Rapidly Changing Threat Landscape' - describes how hackers are employing larger and stealthier techniques to outmanoeuvre such traditional DDoS defence tactics as bandwidth over-provisioning, firewalls, and intrusion prevention system.
According to the veteran IT security vendor, DDOS attacks use multiple hosts, such as compromised PCs, to flood and overwhelm a target site or application with traffic.
Successful attacks, VeriSign says, can bring down sites for hours or even days, causing businesses to suffer losses in the millions and damaging a company's brand and customer relationships.
Interestingly, the report - which comes in the form of a white paper - cites recent Forrester Research survey data showing that 74% of IT decision-makers have experienced one or more DDoS attacks in the past year.
In nearly one out of every three attacks, says the report, hackers were successful in disrupting service, even though these organisations had in place security measures designed to thwart DDoS attacks.
One reason, the report notes, is that DDoS methods have evolved rapidly in the past year. More and more, hackers are preying on specific targets by dispatching hundreds of thousands of custom bots to directly flood a target site with traffic.
Or, adds VeriSign, they amplify their attacks with reflection flood techniques that use recursive Domain Name System servers to bounce attacks to their victims.
Alternatively, they execute subtle application-level attacks that are harder to detect because they mimic legitimate traffic. Even budget-minded amateurs can spawn successful attacks by renting botnets for as little as $200 for 24 hours.
Against this backdrop, VeriSign has come up with a set of best practices that enables organisations to keep pace with DDoS attacks, while minimising impact on business operations.
These best practices include the centralisaion of data gathering and understand trends and understanding the growing need for managed services.
Ken Silva, VeriSign's CTO, said that, if the past year has shown us anything, it's that DDoS threats represent a moving target - one that is growing more sophisticated and difficult to defend against, even as the attacks themselves grow more frequent.
"We published this white paper as a blueprint for organisations looking to stay ahead of this rapidly evolving threat to revenues, operations, customer loyalty and network reliability", he said.
"And because in-house mitigation is often too expensive or labour-intensive to remain effective, the paper also provides tips on what organisations should look for when choosing a managed DDoS mitigation services provider", he added.