Why DDoS Attacks Are on the Rise and How Can Businesses Safeguard Against Them By Shibu Paul, Vice President – International Sales at Array Networks

Why DDoS Attacks Are on the Rise and How Can Businesses Safeguard Against Them

Shibu Paul, Vice President – International Sales at Array Networks | Thursday, 31 August 2023, 14:27 IST

  •  No Image

With 25 years of experience in IT, IS, and telecom, Shibu Paul is an expert in digital transformation. His skill sets include pre-sales, managed services, key account management, business alliances, cloud computing, and more. In his current role at Array, he plays a vital part in developing end-to-end operations, building a strong channel, and ensuring reliable support infrastructure in the region.

DDoS attacks have long been any business’s worst nightmare. As technology advances, DDoS attacks are growing at an alarming rate from their nascent forms as blunt volumetric assaults, they have matured into multifaceted, AI-orchestrated campaigns. Cloud computing, IoT proliferation, AI integration, and connectivity progressiveness have intensified the scope for DDoS attacks.

How the Adoption of New Technologies is Making Businesses More Vulnerable to DDoS Attacks

The interconnectedness of IoT devices, reliance on cloud infrastructure, and the potential misuse of AI-driven tools provide attackers with an expanded attack surface.

This year also witnessed an amplified bandwidth of up to 216% compared to 2020. With more available bandwidth, attackers can generate and send more malicious traffic to the target, disrupting a larger scale.

Malicious actors can harness many compromised devices (botnets) or use amplification techniques with higher bandwidth. Thus, even a small request generates a much larger response from a third-party server. This inflated response consumes more of the target’s bandwidth and resources, intensifying the attack’s impact.

Here are a few tech-enabled factors that lead to heightened DDoS attacks. 

DDoS as a service

In the initial days, DDoS used to be an intricate attack that only experienced hackers could conduct; hence the frequency was low. However, the emergence of DDoS As a Service (DaaS) lowers the technical barrier for potential attackers. This allows anyone with malicious intent to execute complex and sophisticated attacks.

Access to New Generation Botnets

The hyper-volumetric DDoS attacks deploy the latest generation botnets containing virtual private servers (VPS). These botnets utilize a portion of devices’ amount, yet every device is considerably stronger. The service providers for cloud computing provide VPS to enable businesses and start-ups to generate performant applications.

A big downside to this technology is that it also aids attackers in creating high-tech botnets, being up to 5,000x more powerful. As a consequence, attackers can access the VPS by evading unpatched servers. They further hack into management control platforms via leaked API authorizations. These virtual machine-based botnets have helped execute the most recorded DDoS attacks, comprising the one with 71 million per second requests.

Higher Bandwidth Connections

Higher bandwidth connections unknowingly facilitate the propagation of DDoS attacks. These increased data transmission speeds enable attackers to execute larger-scale attacks by flooding target systems with voluminous traffic. The surplus bandwidth allows attackers to exploit the network’s capacity, overwhelming its resources and restricting legitimate user access.

Proliferation of Attack Surfaces

The proliferation of interconnected devices, from IoT gadgets to cloud infrastructure, provides attackers with increased potential entry points. It amplifies the attack vectors available, enabling cyber intruders to exploit vulnerabilities across diverse platforms.

Use of AI and ML by Attackers

The use of AI and ML is catalyzing cyberattacks in a number of ways. AI can be used to automate the process of launching cyberattacks, making them more scalable and efficient. ML can be used to develop new and more sophisticated attack techniques that are harder to defend against. Additionally, AI and ML can target cyberattacks more effectively by identifying vulnerable targets and exploiting them with greater precision.

Understanding the DNS-Induced Laundering DDoS Attacks

The Domain Name System (DNS) is a critical component of the Internet’s infrastructure. It translates human-readable domain names into IP addresses, which are numerical identifiers. Computers use these to locate and communicate with each other on a network.

By hacking the DNS servers, the malicious actors hamper the ability of the machines to establish a website connection. Thus, it restricts the users from accessing the websites. During the last quarter, of all the DDoS attacks, 32% of them were caused by the breach of DNS protocol.

DNS laundering attacks are the most dreadful, as they can pose critical challenges to businesses or giant organizations operating their own DNS servers.

How Geopolitical agenda are also contributing to growing cyber attacks

In addition to the above reasons for a DDoS attack, geopolitical goals can also be catalysts. This has occurred in several different instances. First, nation-state actors with the resources and capabilities to launch large-scale DDoS attacks may do so to disrupt or disable critical infrastructure or services in a target country. Other reasons may include immobilizing the state or creating confusion/disruption in that economy.

These attacks are no longer limited to hackers flooding the target’s server. Instead, hackers can leverage a relatively smaller number of bots but send more requests per bot to masquerade as legitimate traffic and increase the pressure on the target’s resources.

How Businesses Can Combat DDoS Attacks

On average, a DDoS attack will account for $22,000 per minute of downtime. It leads to sizable business losses, as an attack will likely last around 54 minutes. To combat this vulnerability, businesses can implement the following measures to strengthen their digital infrastructure such as distribute traffic across multiple servers to absorb and filter malicious requests, reducing the impact of attacks, deploy intrusion detection systems to identify unusual traffic patterns that could signify an ongoing attack, Utilize cloud services to scale up resources and absorb attack traffic during peak attacks, Implement web application firewalls (WAFs) to filter out malicious traffic at the application layer, Partner with providers offering traffic scrubbing services that analyze incoming traffic and filter out malicious data, and Use border gateway protocol (BGP) anycast networks to distribute traffic to multiple points of presence, mitigating DDoS impact.

DDoS attacks have increased by up to 68% compared to last year. Moreover, there is a growth of 136% in multi-vector attacks, signifying the robust strategies of cybercriminals to overpower their targets. Thus, having a solid network infrastructure, DDoS protection services, and traffic filtering mechanisms are indispensable for businesses. They must develop and regularly test an incident response plan to mitigate and recover from DDoS attacks swiftly.

CIO Viewpoint

From VPNs to Zero Trust: The Transition to a...

By Shankar Venkatesan, Senior IT Leader, Avalon Technologies

The Cyber Security Spar in Integrating IT and...

By Vimal Goel, CIO, HPCL-Mittal Energy

Towards Cyber Resilience: A Data-Centric...

By Puneet Gupta, Vice President & Managing Director, NetApp India/SAARC

CXO Insights

Emerging Trends, Challenges & Future Prospects...

By Sujoy Brahmachari, CIO & CISO, Rosmerta Technologies

Exploring Data-First Security and Automation in...

By Maheswaran S, Country Manager - S.Asia, Varonis Systems

Securing IT-OT Converged Infrastructure

By Saurabh Sharma, SMIEEE, FIE, CEH, Chief Manager (BIS) & CISO, Petronet LNG Ltd.