Skip to main content

Small-scale DDoS attacks see huge rise

(Image credit: Image Credit: Profit_Image / Shutterstock)

Large-scale DDoS attacks against enterprises don’t seem to be as fashionable as they were before, a new report suggests, saying that smaller attacks are rising in popularity.

The Neustar Q2 2019 Cyber Threats and Trends report says that between April and June this year, more than three quarters of all Distributed Denial of Service (DDoS) attacks were 5 Gbps or less.

Large-scale attacks, those of 100 Gbps and more, dropped by almost two thirds (64 per cent).

So, what’s the big deal with small-scale attacks? Neustar claims that these do not look to saturate the network link and draw attention to themselves. Instead, the goal is to either degrade, or disable just specific infrastructure within the target network.

The report speculates on the end goal of such an attack, claiming it could be to enable the hackers to get in – and out, of a network, unnoticed. It could also be used, the report argues, to keep the attack going longer. One such attack lasted almost two days.

Enterprises aren’t really capable of spotting these threats. Almost three quarters of CTOs, CISOs and Directors of Security (72 per cent) said it was highly unlikely that they’d spot such an attack, with the remaining 28 per cent being confident they’d spot it.

“With the rise of smaller DDoS attacks going under the radar, now is the time for organisations to deploy an ‘always on’ DDoS mitigation service that is constantly monitoring traffic to ensure threats of all sizes are detected, managed and diffused,” said Rodney Joffe, Senior Vice President, Senior Technologist and Fellow at Neustar.

“Now, with most of today’s attacks directed at specific services, gateways and applications – therefore requiring less traffic to bring it down – a greater level of understanding from businesses to determine the protection they need is essential. The first stage of this is to determine what is valuable, not what is vulnerable. One of the best ways to separate vulnerability from value is to create a ‘risk register’ that starts from the inside and focuses on your most critical business assets,” Joffe added.