High profile attacks with ever-growing firepower point to a DDoS attack arms race. Are we heading for a doomsday scenario?
According to the latest Worldwide Infrastructure Security Report from Arbor Networks, DDoS attack sizes are growing (up 20 percent to a peak of 500Gbps) along with attack volumes. Indeed, 51 percent of DDoS targeted organisations reported a complete saturation of their bandwidth, that’s a 35 percent rise from 2014. Which is hardly surprising when there’s good money to be made out of DDoS. Ransoms are certainly a potential driver, even if you discard the misreported £1 million demanded of Lincolnshire County Council that turned out, in reality, to be just £500. When Skyhigh Networks researched this, it discovered a quarter of organisations would pay ransoms to prevent an attack, and in fact 14 percent would pay as much as $1 million. However, is it the case that this psychology of payment to prevent falling victim, rather than accepting there needs to be adequate investment in technical defences, is a big part of the problem when it comes to DDoS motivation perhaps?
Some interesting comments in there. Not convinced by the ‘use our scrubbing service and all is fine’ claims. If it was as easy as that then why did one of the worlds biggest banks get hit? Or are you saying HSBC is negligible?
Hi Karen – thanks for taking the time to respond to this story here. You’ve obviously followed the link and read the article in full at SC Magazine, so you will note that it wasn’t me saying that scrubbing DDoS traffic was the obvious/easy mitigation but rather someone offering a DDoS mitigation/scrubbing service. MRDA 🙂
As for your other point, regarding HSBC, I have to say that I was as surprised as the next person when it got taken down for so long. If an organisation with the financial and technical resources to hand that an HSBC has cannot protect itself from a DDoS attack then, just perhaps, the Armageddon reference in the headline isn’t as over the top as some have suggested to me via email…