Industry still relies on perimeter defenses to block DDoS

Denial of service attacks, as a specific threat to business, became mainstream news in 2012. Anonymous uses it for political and social protest. The Izz ad-din Al qassam Cyber Fighters use it as an ongoing cyber warfare weapon to punish the US banking system in retaliation for the publication of the the Innocence of Muslims video. And more recently a massive, apparently protest, attack was launched against the Spamhaus anti-spam service. 

But these are just the larger more headline-grabbing incidents. The 2012 Annual DDoS Threat and Impact Survey from DDoS mitigation company Neustar shows an alarming growth in attacks generally – and against the retail sector in particular. Its survey shows that during 2012, 35% of more than 700 respondents experienced a disruptive attack. Victims in the retail sector increased from 16% in 2011 to 39% in 2012; with retail closing fast on the financial sector (grew from 32% in 2011 to 44% in 2012). To put this in perspective, 1 in 5 of the finance companies estimated outages cost them $50K per hour, not including the cost of mitigation, recovery and brand equity.

Neustar sees some optimism in the increasing use of DDoS mitigation technologies. “If there was a glimmer of good news in 2012, it was the rise in DDoS protection,” notes the report. In 2011, 25% of companies had no DDoS protection; but in 2012 this had dropped to just 8%. “There was a 10% increase in the use of firewalls, switches and routers; a 6% increase in DDoS mitigation hardware; and a 2% increase in other protection measures.”

But, it warns, “Firewalls, routers and switches can protect against intrusive attacks at Layer 3 (to some extent) but compound the effects of DDoS attacks by bottlenecking traffic.” The report also notes that there has been a slight decline in the use of IDS systems – which, like firewalls, can actually cause bottlenecks. “It can, however, help defend against growing two-pronged attacks, in which DDoS is a distraction while the attacker breaches the system, aiming to steal customer data, government secrets or intellectual property.”

Overall, Neustar is concerned about the growing tendency to use old-style security to protect against new-style threats. “Clearly, many companies are hoping traditional defenses will suffice,” it concludes. “Given the frequency of attacks, their growing complexity and the impact when sites go dark, such hopes are badly misplaced.”

What’s Hot on Infosecurity Magazine?