Why DDoS Mitigation Fails
Last year, New Zealand’s stock exchange, NZX, fell under a massive distributed denial-of-service attack and despite its mitigation vendor's efforts to mitigate the attack, NZX experienced multiple days of downtime.
Customers with Telstra's default DNS settings found themselves unable to access the internet on a Sunday morning in August 2020 as the telco was facing a DDoS attack that mitigation could not resolve.
Along with the large attacks, there were several more attacks of all sizes and durations that impacted companies across industry segments. Publicly available information (which is only an indication of the actual attacks) shows a barrage of major DDoS attacks this year on banking and financial services, government, and retail. More details of these attacks in our monthly blog `Worldwide list of DDoS attacks’
For attackers, these are cheap attacks and can be obtained for as little as $10 per hour on the Dark Web. However, the impact for organizations can be devastating with the average cost of downtime for an enterprise reaching up to $2 million. Enterprises that have been attacked have suffered from loss of revenue from downtime, loss of customers from session disruption, and productivity loss. The blog `Simple Steps to Calculate DDoS Attack Costs’ shares relevant information about these costs.
Continuous Monitoring - Keeping DDoS Protection Up to Speed
Most companies that were attacked in the last decade have the best mitigation solutions in place. However, despite this, damaging DDoS attacks continue to penetrate them. One of the key reasons for this is that mitigation solutions are powerful, but need to be continuously monitored, and configured. However, in today's climate, it's impossible, as network vulnerabilities frequently change as new services and applications are added. As a result, changing current configurations leave systems open to ongoing new DDOS vulnerabilities. In parallel, DDoS attacks are also evolving in complexity and volume. They are becoming quicker and sneakier and common mitigation solutions are unable to respond quickly enough to new attacks.
Statistics Prove the Unreliability
Lack of new and ongoing configuration changes leave an inline vulnerability of >48% - Based on 420 DDoS vulnerability tests conducted by MazeBolt on enterprises between 2016 to the end of 2019, configurations leave an inline vulnerability of >48%, allowing DDoS attack to penetrate the best of DDoS mitigation solutions.
The Benefits of RADAR™ Testing
Always-on, constantly testing, and non-disruptive RADAR™ testing, is part of the MazeBolt security platform. RADAR™ testing, MazeBolt's new patented DDoS protection solution, constantly identifies DDoS vulnerabilities continuously, without any disruption to your production environment.
With RADAR™ testing, organizations can eliminate their DDoS vulnerability gap. The patented solution allows them to reduce and maintain the vulnerability level of damaging DDoS attacks from an average of 48% to under 2% on an ongoing basis.
RADAR™ testing moves the mitigation focus from reacting to each specific attack after it occurs to detecting and eliminating the risk of potential attacks before they occur.
If you want your DDoS mitigation solution to have a greater impact in identifying and eliminating DDoS vulnerabilities, learn more about RADAR testing today.