Dark Reading is part of the Informa Tech Division of Informa PLC


4/28/2016
12:00 PM
Vincent Berk
Commentary

6 Reasons ISPs Must Step Up Defenses Against DDoS Attacks

Conducting a DDoS attack used to require a significant amount of talent. But today, a high school student with basic hacking skills can access tools that will challenge even the most experienced ISP security teams.

One of the many issues ISPs face (as if ever-tightening government regulations and fickle customers weren't enough) is the Distributed Denial of Service (DDoS) attack. Due to the public nature of ISPs, they are frequent targets of such threats. In fact, a recent study from Verisign indicates that the industry most frequently targeted by DDoS attacks is IT services/Cloud/SaaS, representing 32 percent of mitigation activity in Q4 2015, with attacks averaging 7 Gbps in size.

DDoS attacks differ from Denial of Service (DoS) attacks in that hackers leverage numerous computers to conduct a DDoS attack, making them particularly frustrating and difficult to defend against. Security experts fear that there will be a considerable uptick in both the frequency and the severity of the attacks in 2016.

Here are six reasons your ISP needs to beef up security to thwart such attacks now.

1. DDoS Attacks Cost You Customers

DDoS attacks can last for just a few minutes, or for many hours – but in any case, they can lead to the loss of revenue and the loss of valuable customers.

In fact, according to a January 2016 report from Ponemon Institute, the average cost of a data center outage has steadily increased from $505,502 in 2010 to $740,357 today – figures which include lost revenue as well as “reputational damages, customer churn and lost business opportunities.”

2. DDoS Attacks Cost You Customer Service Ratings

Even when customers don't leave, their opinion of you and your business can suffer. DDoS attacks are often intentionally levied at the worst possible times – during the holiday shopping season or around tax season. When service goes down during these high-traffic times, customer experience can be negatively impacted, hurting your overall reputation.

3. Multiple DDoS Attacks Can Occur in a Short Period of Time

Verisign observed more attacks in Q4 2015 than in any other quarter since the inception of its reporting (beginning in Q1 2014). Attackers were very persistent, hitting targets with repeated attacks over the course of the quarter, some as frequently as 16 times. This becomes frustrating and expensive for IT teams dealing with multiple, sustained attacks and for customers growing tired of service interruptions and excuses.

4. DDoS Attack Tools Are Becoming More Sophisticated

Why are DDoS attacks becoming so prevalent? One reason is that hackers can gain easy access to the tools that make such attacks so simple to launch. These tools are readily available on forum groups and on the Dark Web. While conducting a sophisticated attack used to require a significant amount of skill and talent, new tools make it easy enough for a high school student with basic hacking skills to coordinate a DDoS attack, even against ISPs with experienced IT teams and a solid security system in place.

5. DDoS Attacks Are Becoming Harder to Detect

Hackers are also changing their technique. Many hackers are working with the support of various governments or terrorist organizations, which have deep pockets and a high degree of motivation. This brand of hacker is known for conducting much savvier attacks. Slow and low attacks deteriorate service or lead to denial of service for customers, but are harder to detect. These attacks can also be sustained for long periods of time, making life more difficult for even the most prepared IT security teams.

6. The IoT Is Becoming a New Weapon for the DDoS Attacker

Gartner predicts that there will be as many as 21 billion IoT devices in use by the year 2020, with more added to the mix each year. With access to more devices than ever, hackers are leveraging these devices to conduct and launch attacks.

As the opportunities for attacks continue to rise, ISPs need to be sure they have the right solution in place to protect against and manage DDoS threats. Having the knowledge, tools, and techniques necessary for fast DDoS detection and analysis can help alleviate the risk of dangerous network threats and avoid costly attacks.


Dr. Vincent Berk is CEO of FlowTraq with 15 years of IT security and network management experience. He is a member of ACM and the IEEE.