The number of DDoS attacks is on the rise in 2022. From politically motivated efforts to ransom extortion, nobody is safe from getting hit by what some consider to be “one of the most powerful weapons on the internet”. At least, not without specialized security measures in place.
DDoS attacks are becoming more frequent and powerful. To understand the threat orgnaizations may be facing in the near future, StormWall experts analyzed the past frequency of attacks on the company's clients. The research concluded that we may be looking at a 130% increase in the number of DDoS attacks globally.
The projection made by StormWall shows that some attacks can peak at 700,000 requests per second and last for multiple days. The attack's duration has been steadily growing in the past years, but never to the same extent. For instance, the average attack length grew by 24% from Q1 2019 to Q1 2020. But the increase we’re looking at now is in order of magnitudes.
Who is in the crosshairs of DDoS actors?
Based on the data collected by StormWall experts, most of the attacks in 2021 happened in the financial, retail and gaming industries. Fewer attacks took place in the telecommunication and education sectors.
Breakdown of DDoS attacks by industry in 2021:
- Fintech: 43%
- Retail: 31%
- Gaming: 18%
- Telecommunications: 4%
- Online education: 3%
- Others: 1%
DDoS actors like to target industries where uptime is crucial. Thus, the fintech industry has always been a prime target. In 2021 attacks on this sector have increased by 83%. We can expect this trend to continue going forward.
Gaming and retail are also high on the list due to how critical uptime is. In online games, lagging or not working servers lead to massive outflows of player count, and online retail businesses cannot operate when the website is down, leading to operational losses, which makes exertion attempts more likely to succeed.
Today, most companies do not have the capacity to ward off increasingly powerful DDoS attacks with internal solutions alone. Creating bullet-proof DDoS protection with in-company resources is costly and often doesn’t make sense from the financial standpoint. That’s why businesses use specialized services like StormWall to guarantee the uptime of their resources.
Different types of attacks require different solutions
Types of floods to attack used by DDoS actors:
- Websites
- Networks
- TCP/UDP services
Each attack type aims at disabling a specific infrastructure level of the OSI model (a conceptual model of services that make the internet possible) and requires specific protection solutions: tools that can defend a website may be useless against batch floods designed to overwhelm network routers. This makes in-house protection difficult and costly.
Attacks on websites
Application layer (L7) attacks target the highest layer of the OSI model. This is where HTTP and HTTPS requests occur. These attacks are common because of their low cost for threat actors combined with high effectiveness. They overwhelm servers by draining server and network resources. Application layer floods are typical for the e-commerce industry, where attackers can target websites rather than underlying cloud services. The result is prolonged downtime.
StormWall has a website protection service that uses a proxy technology to filter incoming traffic. It ensures 24/7 uptime. What’s more, thanks to static elements caching, the service not only protects agastin HTTP floods, but also increases page load speed. Faster loading is known to reduce bounce rate. This solution works for e-commerce or content-driven websites of any scale and is available through a subscription model at different pricing tiers.
Attacks on networks
Network layer attacks (L3 of the OSI model) target network equipment and infrastructure. Their victims are usually cloud services and applications. Although both network and application layer attacks share the goal of filling up capacity and preventing users from accessing the service or website, they have very different mechanisms. A DDoS protection solution must be able to identify the attack type to be effective.
StormWall’s BGP network protection service is designed for Internet providers, data centers, hosting companies, and corporate clients with intranets. All incoming traffic is filtered in 3 stages: using border routers, hardware filters, and precision filters. With up to 2.5 Tbps bandwidth, the service can protect against attacks of any complexity, including TCP/UDP floods and sophisticated attacks that utilize botnets.
Attacks on TCP/UDP services
Packet floods on the transport layer (L4 of the OSI model) used to be uncommon, but not anymore. These sophisticated attacks disable data transmission that uses TCP/UDP protocols. This prevents HTTP connections between the servers and the client, rendering an online service unavailable. Recently, packet floods became cheaper and easier to launch. Hackers now use them to attack cloud services and websites alike. These attacks are also harder to defend against and they are getting stronger every year. In 2022, 1 Tbit/s attacks were not unusual.
StormWalls has a TCP/UDP protection service that is easy to connect. It can filter all types of malicious traffic and has up to 2.5 Tbps bandwidth. An advanced filtration system with the network protection plan is designed for game servers, business applications, telecommunication systems, internet providers, and data centers. But thanks to a flexible pricing model the protection plan suits smaller e-commerce businesses just as well.
Plans for the future
StormWall is a Cybersecurity-as-a-Service provider offering complete website, network, and service DDoS protection. As an official DE-CIX and RIPE NCC member, StormWall solutions are used to protect the internet infrastructure of hundreds of international clients, including Bank of China, Volkswagen and tens of cloud service providers worldwide.
StormWall will be opening a point of presence in Singapore in partnership with ID Cloud Host. The new location will allow the company to provide zero-delay protection for websites, cloud apps and networks, as well as a web application firewall, to customers from the Pacific region and Australia. This will be StormWall’s sixth point of presence. The company is also adding new features to the user’s cabinet, including White Labeling. Select partners will be able to use StormWall’s platform and technologies to deliver advanced DDoS protection services under their own brand.
