Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12:00 PM
Vincent Berk
Vincent Berk
Connect Directly
E-Mail vvv

6 Reasons ISPs Must Step Up Defenses Against DDoS Attacks

Conducting a DDoS attack used to require a significant amount of talent. But today, a high school student with basic hacking skills can access tools that will challenge even the most experienced ISP security teams.

One of the many issues ISPs face (as if ever-tightening government regulations and fickle customers weren't enough) is the Distributed Denial of Service (DDoS) attack. Due to the public nature of ISPs, they are frequent targets of such threats. In fact, a recent study from Verisign indicates that the industry most frequently targeted by DDoS attacks is IT services/Cloud/SaaS, representing 32 percent of mitigation activity in Q4 2015, with attacks averaging 7 Gbps in size.

DDoS attacks are different than Denial of Service (DoS) attacks in that hackers leverage numerous computers to conduct a DDoS attack, making them particularly frustrating and difficult to defend against. Security experts fear that there will be a considerable uptick in both the frequency and the severity of the attacks in 2016.

Here are six reasons your ISP needs to beef up security to thwart such attacks now.

1. DDoS Attacks Cost You Customers

DDoS attacks can last for just a few minutes, or for many hours – but in any case, they can lead to the loss of revenue and the loss of valuable customers.

In fact, according to a January 2016 report from Ponemon Institute, the average cost of a data center outage has steadily increased from $505,502 in 2010 to $740,357 today – figures which include lost revenue as well as “reputational damages, customer churn and lost business opportunities.”

2. DDoS Attacks Cost You Customer Service Ratings

Even when customers don't leave, their opinion of you and your business can suffer. DDoS attacks are often intentionally levied at the worst possible times – during the holiday shopping season or around tax season. When service goes down during these high-traffic times, customer experience can be negatively impacted, hurting your overall reputation.

3. Multiple DDoS Attacks Can Occur in a Short Period of Time

Verisign observed more attacks in Q4 2015 than in any other quarter since the inception of its reporting (beginning in Q1 2014). Attackers were very persistent, hitting targets with repeated attacks over the course of the quarter, some as frequently as 16 times. This becomes frustrating and expensive for IT teams dealing with multiple, sustained attacks and for customers growing tired of service interruptions and excuses.

4. DDoS Attack Tools are Becoming More Sophisticated

Why are DDoS attacks becoming so prevalent? One reason is that hackers can gain easy access to the tools that make such attacks so simple to launch. These tools are readily available on forum groups and on the Dark Web. While conducting a sophisticated attack used to require a significant amount of skill and talent, new tools make it easy enough for a high school student with basic hacking skills to coordinate a DDoS attack, even against ISPs with experienced IT teams and a solid security system in place.

5. DDoS Attacks Are Becoming Harder to Detect

Hackers are also changing their technique. Many hackers are working with the support of various governments or terrorist organizations, which have deep pockets and a high degree of motivation. This brand of hacker is known for conducting much savvier attacks. Slow and low attacks deteriorate service or lead to denial of service for customers, but are harder to detect. These attacks can also be sustained for long periods of time, making life more difficult for even the most prepared IT security teams.

6. The IoT is Becoming a New Weapon for the DDoS Attacker

Gartner predicts that there will be as many as 21 billion IoT devices in use by the year 2020, with more added to the mix each year. With access to more devices than ever, hackers are leveraging these devices to conduct and launch attacks.

As the opportunities for attacks continue to rise, ISPs need to be sure they have the right solution in place to protect against and manage DDoS threats. Having the knowledge, tools, and techniques necessary for fast DDoS detection and analysis can help alleviate the risk of dangerous network threats and avoid costly attacks.

Related Content:


Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

Dr. Vincent Berk is CEO of FlowTraq with 15 years of IT security and network management experience. He is a member of ACM and the IEEE. View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can ...
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one....
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and ...
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices f...
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `outpu...