DDoS Trends in 2020

ddos attack

A distributed denial-of-service (DDoS) attack is considered to be one of the vicious cyber attacks of the 20th century. It aims to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of multiple vague requests. As a result, the website’s capacity to handle the server requests is exceeded, obstructing its basic functionality to lag behind. 

Typical targets for DDoS attacks include:

  • Internet shopping sites
  • Online casinos
  • Any business or organisation that depends on providing online services

How a DDoS attack works

Cyber criminals use a botnet ‘zombie network’ to deliver a DDoS attack. Through a botnet, an attacker gains remote control of computers and other machines (such as IoT devices). When the IP address of a victim is targeted by the botnet, each bot will respond by sending enormous service requests to the target, potentially causing the targeted server or network to overflow capacity, resulting in a denial-of-service to normal traffic.

ddos attack 300x168

Along with the total prevention of the web resource’s normal functioning, an attacker may also request a ransom amount to stop the attack or it may even be an attempt from a business competitor to damage the web resources as well as the reputation of an organization.  

Types of denial of service attacks?

DoS attacks can be categorized into three categories

Volumetric attacks: False requests are received on every open port in a massive volumetric frame on the web resource. There are two main kinds of volumetric attacks, which are UDP flood and ICMP flood.

Application-layer attacks: The attack that targets the web traffic of a user interacting application is known as an application-layer attack. It mostly interferes with HTTP/HTTPS, DNS, or SMTP protocols.

ddos attack 2 300x139

Protocol attacks: An attacker selects some targeted parts of the network and sends slow and malicious pings that are unidentified and consumes a pool of memory. As a result, a huge chunk of memory gets lost along with traffic disruption due to continuous pings. 

5 DDoS Attack Trends to Cause Havoc in 2020

As the world of technology progresses day by day, with the advent of IoT devices, the graph curve of DDoS attacks is expected to increase exponentially. The DDoS protection and mitigation market is suspected to grow to $4.7 billion by 2024, up from $2.4 billion this year, which represents a compound annual growth rate of 14 percent, according to research firm MarketsandMarkets. In the past 2 years itself, the incidence of DDoS attacks has risen by 20% and the scale and severity of their impact have risen by nearly 200%. The cumulative DDoS attacks in 2019 so far have exceeded the total number of attacks in 2018.

  • Application Layer Attacks: As compared to volumetric attacks, the number of application-layer attacks is expected to have a sharp rise. The goal of these attacks is to exhaust the resources of the target and attack the layer where web pages are generated on the server and delivered in response to HTTP requests. Previously, volumetric attacks were known to be consequential by creating service disruption, but with the advent of cloud storage services, attackers invented new strategies to saturate the cloud servers with false network traffic because most of the organizations adapt these services in the morden times. 

encrypted 300x154

According to Ron Winward, security evangelist at Mahwah, N.J.-based Radware: “Application layer DDoS attacks have overtaken network-based attacks for the first time. That’s because an infrastructure-focused approach dedicated to filling up internet capacity is simply less effective today than disrupting applications themselves”

  • Burst Attacks: These attacks last for only 30-to-60 second and often occur in real-time processing constantly changing in both duration and frequency. The attacks vanish before the organization comes up with a mitigation strategy. The mitigation of these attacks is difficult as organizations need to wait till the next wave hits. The defenders need to collect the required intelligence and set the filters in real-time.
  • Exposed Servers: In compliance with cloud services, most of the enterprises moved to UDP (User Datagram Protocol) where back-end servers are hosted online leaving a clean chit for cyber attackers to exploit.

According to Don Shin, senior product marketing manager at San Jose, Calif.-based A10 Networks: By leaving millions of servers out in the open to be exploited, businesses have made things so easy for attackers that they often don’t even have to write malicious code. Approximately, 100,000 servers are sitting exposed within no time with convenient strategies of attackers. 

  • Overlaid On Other Attacks: Attackers have started analyzing previous network incidents to implement the use of  additional components to maximize their monetary gain and the destructive impact. Overlapping of these events has made it difficult to identify attacks distinctively and what to expect from them. Threat actors can also leverage to steal the information in this analysis and sell it for their cryptic purposes. 
  • Increase in Volume: After the immense success of DDoS attacks destructing organizations, more perpetrators step in to take their chance. 

search 300x172

According to Akamai’s Beegle: Although DDoS attacks are not complicated to protect against, they remain an easy target for attackers since organizations too often fail to properly set up and protect their environment. Organizations live under the illusion that their secure environment would not be threatened due to the involvement of third party servicing their DNS (Domain Name System), when DNS is not at the top of the list as a priority from a security perspective. 

Conclusion

As the world prepares to usher in the faster speeds and bandwidth capabilities, cyber attackers are more focused towards finding the security gaps within the protective layer of your organization. Before businesses end up destroying their defensive boundaries by letting the bad traffic in, they should adapt some conducive strategies to safeguard their enterprises.