Radware States the Obvious in Its Report: DDoS Attackers are Getting Smarter
February 05, 2014
Radware (News - Alert), a company known for application security and delivery, has released a report called the 2013 Global Application and Network Security Report. What makes this report so important?
The Internet is full of computers just waiting to be used as pawns in major distributed denial of service (DDoS) attacks. These kinds of attacks, which have been known to take entire databases and server farms offline, have been a pest for industrious companies for years. Radware, in its report, doesn't show signs of the phenomenon subsiding. It says that attacks like these will continue to cause problems through this year, especially as attackers start using more sophisticated methods of packet delivery. Though the concept of DDoS is straightforward, the efficiency of its execution largely determines how effective the attack is.
The current most popular method of delivering DDoS attacks is by stringing up a bunch of infected computers and commanding them to flood a server with packets. By gathering up enough bandwidth from a distributed geographical area, the server eventually becomes overwhelmed and falls victim to the attack. This all can happen in a matter of minutes, if the attacker is experienced enough.
Avi Chesla, CTO of Radware, said, “Our report indicates that DoS/DDoS attacks have increasingly become the tool of choice for cyber-hacktivist groups and will continue to wreak havoc on organizations. Eighty-seven percent of our respondents encountered service level issues from this style of attack. The negative impact of a service outage is already understood, but even small instances of service degradation can have harmful, lasting effects on an organization's brand image, customer satisfaction, and ultimately its bottom line.”
According to Radware's report, DDoS attacks have become more severe through the last year, with an increase of 20 percent in the extent of damage that they cause. This is largely caused by the ability of attackers to change to another method of delivery as soon as the older method fails. For example, instead of sending simple TCP packets, the attacker may force computers to use the HTTP protocol to further overload the target server.
Edited by Alisen Downey
Article comments powered by