As DDoS attacks grow larger, more complex, and more pervasive, it can feel like we face a future of inevitable service outages and anxiety.
According to the Information Security Forum’s latest Threat Horizon report, outages caused by DDoS attacks are one of the largest security threats facing organizations today.
Less than 10 years ago, a different problem was on everyone’s mind: spam. Nearly 80 percent of the 200 billion+ emails sent each day in 2009 were solicitations from Nigerian princes, pill offers from online pharmacies, and schemes to “make money fast from home.” Almost half of all spam emails made it past the filters, cluttering email boxes around the world. For a while there, it felt like we might have to give up on email altogether.
Today, as defenses against unsolicited email have improved, spam has been relegated to junk mail folders, and the occasional request from the crown prince of Nigeria is more a source of amusement than anything else. We can actually laugh at some of these schemes, and spam has been reduced to an annoyance—background noise that we might occasionally notice, but that really can’t ruin our day.
However, we still don’t have a real handle on the DDoS problem. If we receive a preposterous sounding email threatening a DDoS attack from someone who could be the very same Nigerian prince, we can’t just laugh it off or ignore it—we still have to take it seriously. This year, attackers have targeted a variety of organizations, across all sectors, with the aim of influencing political events, disrupting both Bitcoin and traditional financial trading, and leveraging ransom to squeeze profit from those businesses not equipped to mitigate the massive volumetric attacks that have become part of everyday operations online.
It’s clear that DDoS isn’t going away anytime soon, and as attacks and motivations evolve, so must we if we are to maintain service availability—and business continuity.