According to a new IDG report, each of these DDoS attacks causes 17 hours of effective downtime
A new report from IDG Connect reveals that the average company suffers 15 DDoS attacks per year, with the average DDoS attack causing 17 hours of effective downtime, including slowdowns, denied customer access or crashes. The survey was commissioned by A10 Networks.
DDoS attacks have rapidly proliferated in terms of bandwidth (Gbps) and packets per second (pps). In the survey, 59% of organizations polled have experienced an attack over 40 Gbps. Average attack bandwidth is peaking at 30 to 40 Gbps and 77% of organizations expect multi-vector attacks, which include volumetric and application-layer attacks, to pose a great danger.
DDoS attacks have become more sophisticated:
- There are multi-vector DDoS attacks that have tunneled over encrypted SSL connections to evade cyber defenses.
- There are attacks that have exploited the SSL protocol to cause denial of service by repeating ‘renegotiation’ in the same connection while stopping short of creating a secure channel.
- There are attacks that flood SSL traffic over the created secure channel without the connection being distinguished as malicious.
The reason is that, while most organizations protect their websites and online services with SSL, many existing enterprise security products are either woefully blind to encrypted SSL traffic or debilitated when trying to decrypt and analyze it.
Organizations must rethink their SSL offload and SSL inspection strategies, especially in defending against DDoS attacks. Because of growing virtualization, cloud networking and mobility, SSL encryption requirements to protect data and secure communications will surge. The IDG Connect report shows that more than half of the organizations surveyed plan to increase DDoS prevention budgets in the next six months.
“DDoS attacks are called ‘sudden death’ for good reason,” says Raj Jalan, CTO of A10 Networks. “If left unaddressed, the costs will include lost business, time-to-service restoration and a decline in customer satisfaction. The good news is our findings show that security teams are making DDoS prevention a top priority. With a better threat prevention system, they can turn an urgent business threat into an FYI-level notification.”
- To stop SSL at the data center perimeter, some organizations have deployed application delivery controllers (ADCs) equipped with crypto engines to help off-load SSL from servers and security appliances. Some ADCs also offer web application firewalls (WAFs) to inspect the traffic and detect attacks.
- To eliminate SSL blind spots in corporate defenses and enable security devices to regain their effectiveness, application networking and security leader A10 Networks introduced a standalone SSL Insight (SSLi) security product built on SSL inspection technology and the 64-bit ACOS Harmony platform. The SSLi appliances decrypt SSL traffic and offer comprehensive inspection of multiple ciphers, delivering up to 48 Gbps of SSL inspection throughput. They include high-density 1 GbE, 10 GbE and 40 GbE port options for networking bandwidth demands.
No big surprise in the key recommendations from the report: expect DDoS attacks and plan for them! They cannot be ignored.