A prolonged and unmitigated DDoS ransom attack can lead to revenue loss, reputational damage and -- when aimed at critical infrastructure -- potential harm to public safety. Some headline-grabbing DDoS attacks in recent years featured massive amounts of disruptive traffic being aimed at victims, Verizon’s research shows that most DDoS attacks are of a size that can easily overwhelm customer bandwidth or on premises equipment but are almost always manageable with a cloud based DDoS mitigation service. Last October, for example, a well-known technology company reported mitigating a 2.54 terabyte attack – one of the largest DDoS attacks ever recorded yet according to Verizon’s DBIR research, and yet ninety-five percent of (DDoS) incidents fell between 13 Mbps and 99 Gbps. These types of attacks can not be mitigated without the use of a cloud based, carrier-agnostic DDoS mitigation service like Verizon’s DDoS Shield.
An effective DDoS mitigation service is able to discern bad traffic from good and can redirect that traffic away from critical systems. Because DDoS attacks target both the network and application layer, in addition to needing a strong DDoS solution, many organizations can also benefit by employing a cloud based Web Application Firewall (WAF) service to extend their protection. Verizon’s Web Security, which offers a WAF feature, helps businesses protect their website, user applications and data by filtering, monitoring and blocking bad HTTP traffic on a near real-time basis.
“If you receive a DDoS attack threat, Verizon recommends that you do not pay. Immediately ensure your DDoS mitigation and cyber resiliency plans are tested and notify your ISP,” says Wes Sobbott, Vice President, Network Security at Verizon. “Attackers are also still targeting Authoritative DNS services, as these types of attacks are easy to launch and defense if much more difficult. “We recommend that organizations do not host public-facing authoritative DNS services within their environment, but instead rely on third-party cloud providers to provide this service” says Sobbett.