Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12:00 PM
Vincent Berk
Vincent Berk
Connect Directly
E-Mail vvv

6 Reasons ISPs Must Step Up Defenses Against DDoS Attacks

Conducting a DDoS attack used to require a significant amount of talent. But today, a high school student with basic hacking skills can access tools that will challenge even the most experienced ISP security teams.

One of the many issues ISPs face (as if ever-tightening government regulations and fickle customers weren't enough) is the Distributed Denial of Service (DDoS) attack. Due to the public nature of ISPs, they are frequent targets of such threats. In fact, a recent study from Verisign indicates that the industry most frequently targeted by DDoS attacks is IT services/Cloud/SaaS, representing 32 percent of mitigation activity in Q4 2015, with attacks averaging 7 Gbps in size.

DDoS attacks are different than Denial of Service (DoS) attacks in that hackers leverage numerous computers to conduct a DDoS attack, making them particularly frustrating and difficult to defend against. Security experts fear that there will be a considerable uptick in both the frequency and the severity of the attacks in 2016.

Here are six reasons your ISP needs to beef up security to thwart such attacks now.

1. DDoS Attacks Cost You Customers

DDoS attacks can last for just a few minutes, or for many hours – but in any case, they can lead to the loss of revenue and the loss of valuable customers.

In fact, according to a January 2016 report from Ponemon Institute, the average cost of a data center outage has steadily increased from $505,502 in 2010 to $740,357 today – figures which include lost revenue as well as “reputational damages, customer churn and lost business opportunities.”

2. DDoS Attacks Cost You Customer Service Ratings

Even when customers don't leave, their opinion of you and your business can suffer. DDoS attacks are often intentionally levied at the worst possible times – during the holiday shopping season or around tax season. When service goes down during these high-traffic times, customer experience can be negatively impacted, hurting your overall reputation.

3. Multiple DDoS Attacks Can Occur in a Short Period of Time

Verisign observed more attacks in Q4 2015 than in any other quarter since the inception of its reporting (beginning in Q1 2014). Attackers were very persistent, hitting targets with repeated attacks over the course of the quarter, some as frequently as 16 times. This becomes frustrating and expensive for IT teams dealing with multiple, sustained attacks and for customers growing tired of service interruptions and excuses.

4. DDoS Attack Tools are Becoming More Sophisticated

Why are DDoS attacks becoming so prevalent? One reason is that hackers can gain easy access to the tools that make such attacks so simple to launch. These tools are readily available on forum groups and on the Dark Web. While conducting a sophisticated attack used to require a significant amount of skill and talent, new tools make it easy enough for a high school student with basic hacking skills to coordinate a DDoS attack, even against ISPs with experienced IT teams and a solid security system in place.

5. DDoS Attacks Are Becoming Harder to Detect

Hackers are also changing their technique. Many hackers are working with the support of various governments or terrorist organizations, which have deep pockets and a high degree of motivation. This brand of hacker is known for conducting much savvier attacks. Slow and low attacks deteriorate service or lead to denial of service for customers, but are harder to detect. These attacks can also be sustained for long periods of time, making life more difficult for even the most prepared IT security teams.

6. The IoT is Becoming a New Weapon for the DDoS Attacker

Gartner predicts that there will be as many as 21 billion IoT devices in use by the year 2020, with more added to the mix each year. With access to more devices than ever, hackers are leveraging these devices to conduct and launch attacks.

As the opportunities for attacks continue to rise, ISPs need to be sure they have the right solution in place to protect against and manage DDoS threats. Having the knowledge, tools, and techniques necessary for fast DDoS detection and analysis can help alleviate the risk of dangerous network threats and avoid costly attacks.

Related Content:


Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

Dr. Vincent Berk is CEO of FlowTraq with 15 years of IT security and network management experience. He is a member of ACM and the IEEE. View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-13
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.