Last week we launched our article series on DDoS protection in a connected world. This week we'll outline the state of cybersecurity and DDoS.
As we look at the digital landscape, we quickly see that data is growing in proportion to how much it’s worth to the bad guys. According to Cisco, the current market around cybercrime ranges between $450 billion to $1 trillion per year, and further estimates expect this number to increase. How do the bad guys keep making this kind of money? Simple. Hackers, cybercriminals, hacktivists, and nation- states have learned to monetize their opportunities. While researching the Dark Web, researchers were able to find out how much your data is worth.
And they learned what it costs to do things like DDoS-as-a-Service:
- Social Security Number: $1
- DDoS as a Service: A DDoS attack service typically ranges between $7-$25 an hour. However, depending on the target and size, prices are highly variable. A DDoS attack can cost from $5 for a 300-second attack to $400 for 24 hours or more.
- Medical Records: >$50
- Credit Card Data: $0.25 - $60
- Bank Account Info: >$1,000 (Depending on the type of account and balance)
- Mobile Malware: $150
- Malware Development: $2,500 (commercial malware)
- Spam: $50 for about 500k emails (depending on the number of emails and destination)
- Custom Exploits: $100k – $300k
- Facebook Account: $1 for an account with at least 15 friends
Almost anyone (even novice hackers) can hire a malicious actor or download the tools and aim it against a network or an individual organization.
However, beyond script kiddies who can deploy simple DDoS attacks, the current security state is far more complex. New attacks aim to go beyond traditional means of disrupting a network via DDoS. For example, a recent Google Cloud customer was targeted with a series of HTTPS DDoS attacks, which peaked at 46 million requests per second.
To shed some perspective, this was the largest Layer 7 DDoS attack to date. And it was at least 76% more significant than any previously reported Layer 7 DDoS attack.
Here’s why these types of attacks are so challenging to overcome. Not only was there a very high volume of traffic, but there were also more than 5000 source IPs from over 130 countries. The attack leveraged encrypted requests (HTTPS), which would have taken added computing resources to generate.
To overcome this attack, Google had to go to the edges of its network. To support their customer, they needed to detect the DDoS attack early in its life cycle, analyze its incoming traffic, and generate an alert with a recommended protective rule–all before the attack ramped up.
New Security Threats are Real. Hope is Not a Good Strategy
In a world where slow is the new down, we must move away from hope to implementing actual strategies around protection.
From a data center provider’s perspective, these attacks are dangerous. The challenge becomes the multiple threat vectors that emerge from a DDoS attack. Outside of the infrastructure damage, the damage to business and the client base may be even worse. Data center colocation providers must ensure the safety of their telecommunications and network operations.
Maintaining constant connectivity is paramount to a business’s success as a critical infrastructure industry. However, with new DDoS threats, ensuring uptime becomes more challenging.
It’s important to note that specialized DDoS protection systems provide enhanced protection.
Although we’ll cover this later in our article series, it’s important to note that specialized DDoS protection systems provide enhanced protection. This is specifically true when enabling techniques to mitigate these attacks, such as actionable (large-scale) threat lists pulling from multiple threat databases, traffic anomaly inspection, finding traffic baseline violations, using artificial intelligence (AI) and machine learning (ML), and more.
Download the entire special report, The Security Gap: DDoS Protection in a Connected World, featuring A10, to learn more. In our next article, we'll focus on you, the data center operator, and how DDoS impacts the daily lives of data center professionals.