CISO DDoS Handbook - The DDoS Threat to Digital Transformation
The New DDoS Attack
1. WS-Discovery Attacks - Attackers use a protocol called WS-Discovery (WSD), which allows unauthenticated traffic to flow through and amplify attacks. Amplification as a method is not new and has been used in the past with the Simple Network Management Protocol and the Simple Service Discovery Protocol.
2. Multi-modal DDoS Attacks - Instead of just one form of attack, multi-modal attacks involve launching several different attacks simultaneously. For example, an attacker will launch one attack, and as the mitigation solution tries to mitigate it, another vector is launched, one which could penetrate the network.
3. Ransom DDoS Attacks – or RDDoS as they are known – are attacks launched with ransom demands as the underlying motive. Attackers launch small attacks with the promise of a more significant attack on the victim's web applications unless the attackers' demands are met. The whitepaper, 'The Anatomy of Ransom Related DDoS Attacks,' dives deep into this attack.
4. Zero-Day Attacks - These attacks involve vectors that attackers haven't previously used. As they are new and unknown, mitigation solutions are unaware of them; therefore, blocking them is impossible. In parallel, they target unknown vulnerabilities in the network.
5. IoT DDoS Attacks - IoT devices are constantly increasing; thousands are out there. As IoT devices are created to serve various purposes, their manufacturers are focused on more than just ensuring security within these new devices. DDoS attackers are not interested in corrupting a single device. Instead, they look to penetrate the network using the vulnerabilities in the IoT devices to launch DDoS attacks.
6. Low-rate attacks – Most enterprises struggle to distinguish between low-rate attacks and legitimate traffic. At the same time, they find it challenging to maintain a low false-negative rate. Like significant attacks, small-size attacks can bring down the services rapidly and create an equivalent impact on businesses, urging companies to be prepared and review their web security arrangements.
7. Small-Sized Attacks - Research confirms that large attacks of 100Gbps and above have fallen by 64% in 2019. However, there has been a startling 158% increase in attacks sized 5Gbps or less. Enterprises need help to distinguish between low-rate attacks and legitimate traffic, and at the same time, find it challenging to maintain a low false-negative rate. Similar to significant attacks, small-size attacks can bring down the services rapidly and create an equivalent impact on businesses, urging companies to be prepared and review their web security arrangements.
Recurrent DDoS Attacks Despite Mitigation
The Only Complete DDoS Protection for the Digital World
MazeBolt's RADAR™ testing is the only 24/7 automatic solution testing DDoS attacks across your live environment with zero operational downtime. It automatically detects, analyzes, and prioritizes the remediation of DDoS vulnerabilities in any mitigation system. This raises the efficiency of your mitigation solution for a healthy DDoS mitigation posture.