The unbearable asymmetry of DDoS
0

By Bryan Hamman, Regional Director for Africa at NETSCOUT

Within the constantly-fluid cybersecurity arena, Distributed Denial of Service (DDoS) attacks present a formidable challenge. The staggering frequency and impacts of these attacks are often underestimated, yet they are a relentless threat, disrupting the very fabric of the internet.

RELATED: EMEA receives most DDoS attacks amid ongoing geopolitical unrest

NETSCOUT’s ASERT team documented over 10 million DDoS attacks in 2023, averaging over 30,000 attacks daily. This equated to more than 1,000 attacks every hour globally, with a new attack being launched nearly every 2.5 seconds. This sheer volume underscores the critical need for robust and adaptive defences.

The nature and scope of DDoS attacks

DDoS attacks target the capacity and state of applications, services and infrastructure, aiming to disrupt their availability. Attackers exploit compromised online resources, inflicting significant damage, but with minimal cost to themselves.

The asymmetry thus lies in the attackers’ access to virtually unlimited resources, while defenders face substantial burdens in mitigating these threats. Telecommunication providers, often the frontline defenders against DDoS attacks, encounter terabit-per-second (Tbps) and hundred million-packets-per-second (Mpps) attacks regularly.

Understanding this imbalance, and knowing how to counteract it, is the key to a successful DDoS defence.

ADVERTISEMENT

While these statistics are quite sobering by themselves, it is even more concerning that attackers can wreak all this havoc while leveraging only a small percentage of the abusable DDoS attack resources of any given type. ASERT’s global research scanner reveals a potential of around 1.5 million Domain Name System (DNS) reflector amplifiers on any given day, but less than 10 percent are abused by DDoS attackers. This highlights the latent threat of untapped resources that attackers could exploit.

In addition to the global pool of available reflectors/amplifiers, adversaries continue to add to the number of bots capable of launching DDoS attacks, amplifying potential threats even further.

Empowering defenders with adaptive intelligence

ADVERTISEMENT

However, no matter the amount of attack resources an adversary can wield, organisations can still defend themselves against even the most complex attacks using adaptive, scalable defence strategies. Thanks to strong collaboration, predictive and proactive mitigations, as well as advanced threat intelligence, we’re better equipped to face these challenges head-on, and are able to proactively turn the tables on attackers and mitigate the asymmetric nature of DDoS threats.

The combination of NETSCOUT’s DDoS defence expertise, coupled with its worldwide visibility into the global DDoS attack trends, ensures that organisations can expertly and proficiently mitigate the largest and most complex DDoS attacks at true internet scale, safeguarding the integrity of their digital infrastructure.

Get more on NETSCOUT’s Adaptive DDoS Protection solution.

More in Features

You may also like