Attackers using lower bandwidth DDoS attacks to escape detection

The recently released mid-year report by Corero Network Security has identified some worrying trends in the cyberthreat landscape.

In particular, the research revealed that attackers are changing the way that they use DDoS attacks in an attempt to make them more effective.

Read more: Chinese smartphones used to mount a huge DDoS attack

According to the mid-year report, DDoS attacks are becoming shorter, but more frequent, with lower-bandwidth attempts (many were found to be less than 1Gbps) and those that have a reduced timespan being generally more difficult to detect. 95 per cent of all attacks tackled by Corero lasted 30 minutes or less, but the frequency increased from three attacks per day in the first quarter of 2015 to 4.5 attacks in Q2. The ease of purchasing and using DDoS tools is likely to be behind the growing numbers.

“Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to either disrupt business operations or access sensitive corporate information, and they’re doing it in increasingly creative ways that circumvent traditional security solutions or nullify the previous effectiveness of scrubbing centres,” said Dave Larson, CTO and vice president of product at Corero Network Security.

Mr Larson added that in order to protect against disruption, businesses need to employ real-time visibility and mitigation of all DDoS attack traffic, no matter how minor the threat.

Internet service providers (ISPs) can also play a greater role in the defence against DDoS attacks. In fact, the report found that 75 per cent of respondents would be willing to pay a premium for their ISP to take a more proactive approach to thwarting DDoS attempts. Rather than simply relying on firewalls and traditional solutions, network carriers could “surgically” remove the attack traffic before it became disruptive.

Read more: New DDoS attacks leaving businesses exposed to data theft

Corero’s 2015 Trends and Analysis Report also includes a number of additional insights regarding DDoS attacks, including further recommendations for how to prevent your businesses from being targeted in the future.

Image source: Shutterstock/sibgat