20 Years of DDoS attacks

Oliver Sears

1999 marked the first recorded case of a distributed denial-of-service (DDoS) attack. A small set of malware-infected computers attacked the entire network of the University of Minnesota and took it offline. Fast forward 20 years and DDoS attacks have evolved into a much larger and more significant security threat to today’s organisations. They have become part of the arsenal of sophisticated cybercrime gangs as well as nation-state-level actors. DDoS attacks by cyber-criminals now mean massive losses for the organisations that are targeted, both in financial terms and in brand damage.

 

DDoS attacks have grown in three key areas:

The first area in which DDoS attacks have grown is size. The attacks that targeted ISPs 20 years ago were tiny compared to the huge attacks we see today. The growth of IoT has allowed malicious actors to take remote control of a vast number of devices that aren’t properly protected and use them as a botnet. Attacks over 100 Gbps are no longer ‘Black Swan Events’ but are becoming increasingly common.

This leads me on to the next area where DDoS attacks have grown: frequency. With the weaponization of DDoS through the availability of attack tools and services, sophisticated attacks are now available to anyone, meaning that someone with little or no technical knowledge can buy DDoS-as-a-service. The frequency of larger attacks has increased massively, as has the overall frequency of smaller attacks.

The final area where DDoS attacks have grown is complexity. DDoS attacks aren’t as simple as they used to be. They are no longer primarily SYN floods but highly complex, multi-vector attacks which can target infrastructure, applications, bandwidth and services simultaneously.

 

But we don’t learn

Despite numerous news articles about businesses being hit over the past 20 years, many organisations are still under-prepared and under-invested when it comes to DDoS defences. A large number of organisations put the symptoms of a DDoS attack, such as frequent outages, down to equipment failure because they don’t have the ability to investigate traffic and determine whether it is malicious. Being unaware of even minor attacks means they do not invest in the necessary defences, which leaves them vulnerable to a more serious attack in the future.

activereach work with a number of different DDoS Mitigation suppliers who can offer another line of defence if the worst were to happen. Please get in touch if you feel you are under-prepared for such an attack. Alternatively, if you already have a solution in place, we can stress test your mitigation with our DDoS Testing Services to make sure it is up to scratch and able to mitigate an attack if one occurs.

Suffering a DDoS attack right now? Call our DDoS Incident Response Hotline, which operates 24/7, on +44 (0) 333 444 3367.