Fact or fiction? Mission-critical myths about DDoS attacks

Building resilience against distributed threats at government level
Bryan Hamman, Arbor Network’s territory manager for sub-Saharan Africa.
Fact or fiction? Mission-critical myths about DDoS attacks
Arbor Network’s territory manager for Sub-Saharan Africa, Bryan Hamman.

For anyone in ‘denial’ about the power of Distributed Denial of Service (DDoS) attacks in South Africa – attempts to exhaust the resources available to a network, application or service so that genuine users cannot gain access – let’s take a quick browse through some local headlines from the recent past. A quick search brings up the following:

  • “SA ranks high for DDoS attack concerns” (July 2014)
  • “SA a target for DDOS” (May 2015)
  • “South African IP addresses appear on massive DDoS-for-hire list” (September 2016)

Let’s dissect some DDoS myths.

1: South Africa is not a major target for DDoS attacks
The above headlines definitely argue otherwise. No business entity can afford to be complacent: in today’s cloud-based, always-on business environment, DDoS attacks can pull down an organisation’s online systems and bring workflow and mission-critical processes to a halt. In the process, of course, reputation becomes a casualty.

2: DDoS attacks are the latest weapon in the hactivist’s arsenal
No, DDoS attacks have been around since 2010 or so. Since then, we’ve seen an increase in DDoS attacks that has led to innovation in the areas of tools, targets and techniques. Today, DDoS has evolved into a series of attacks that include very high volume attacks which cause congestion, as well as attacks that are more difficult to detect, as they target applications as well as existing security infrastructure such as firewalls and IPS.

3: Small organisations are not at risk
Not true. Over the past few years, the world has seen crippling attacks on all types and sizes of organisation, from corporates to small businesses, banks, hospitals, governments, schools and universities and even non-profit organisations.

4: We have a firewall
Traditional perimeter security solutions are vital aspects of an integrated security set-up, but they are not designed specifically to cater for DDoS attacks. Attackers look for gaps in traditional security solutions and take advantage of networks that are left unguarded.

5: We just increased our bandwidth, we are fine
It’s unlikely that anyone has enough bandwidth, especially when we look at some of the latest statistics: Arbor’s 2017 Annual Worldwide Infrastructure Security Report has confirmed sightings of attacks of 800 Gbps in scale. This is a 60 percent jump on the previous year’s largest reported attack, and they are predicted to only get worse in the future. Bandwidth alone will not save your network.

So much for some of the DDoS myths. The fact is that DDoS attacks are growing in scale and sophistication all the time. Arbor research shows that more than a quarter of all DDoS attacks are actually used as a diversion tactic to cover up data theft, as attackers use a combination of techniques.

Unfortunately, many organisations only address the issue of DDoS protection after they have already been hit, when the damage is done. As well as direct financial losses, a DDoS attack can bring costs to recover from an attack, supply chain disruption, and brand damage and loss of consumer trust. It’s critical to ensure that your business implements specialised DDoS protection as a key component of your security solutions.

After all, you don’t want your business making headlines for all the wrong reasons, right? And that’s a fact.

By Bryan Hamman, Arbor Network’s territory manager for Sub-Saharan Africa