Incident Response, TDR

DDoS attacks target enterprises and ISPs, ignore financial institutions

The traffic volume of distributed denial-of-service (DDoS) attacks has increased this year with one-third peaking at more than 500Mbps, and more than five percent reaching 4Gbps. Only .9 percent of attacks reached 4Gpbs during the second half of 2013.

The high frequency attacks have become increasingly difficult to detect and defend against, according to NSFOCUS's “Mid-year 2014 DDoS Threat Report,” and they can do considerable damage by effectively shutting down an enterprise's online business and services. In addition, they can diminish a company's reputation and can have political impact, Xuhua Bao, senior researcher, said in an email to SCMagazine.com.

One of the most notable findings, however, was the complete shift in targets, the report said. Last year, banks accounted for the majority of attacks. This year, financial institutions barely made the report's list of targets. Instead, NSFOCUS found that enterprises and internet service providers (ISPs) in particular are being targeted this year with 20.8 percent of the attacks aimed at enterprise websites and 14.6 percent aimed at ISPs.

Bao attributed this refocus to financial institutions employing stronger security defense solutions, which makes it both more difficult to penetrate their defenses and lessens the impact of the attacks.

He also noted that "most enterprises are inclined to take a low-profile when dealing with or reporting security issues when being attacked as compared to attacks that occur in the financial and banking industry.” Small attacks are rarely reported, he said, so without large-scale attacks, the general perceived impact is small.

The report explored attack methods, as well, and found that DNS floods remain the most popular of attack methods, followed by TCP floods and HTTP floods. For Bao, this finding represents the biggest issue plaguing IT security professionals and the field.

“Attacks methods and tactics have become more diversified,” he said. “In particular, some distinguished types of attacks, such as the Wordpress reflector and amplification attacks, are very clever…How to mitigate these types of multi-vectors hybrid DDoS attacks will be a big challenge in the future.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.