Retrospective on Our Network Monitoring DDoS Coverage

DDoS attacks are on an upward trend. They’re easier than ever to purchase and put into practice. These attacks cause major downtimes, which quickly becomes expensive. In 2014, analyst house Gartner released a study regarding the cost of downtime. Based on industry surveys, Gartner concluded that downtime can cost around $5,600/minute. In 2018, this number is likely much higher. (Gartner has not released a similar study since 2014)

So how can you prevent network downtime? Through a variety of ways, and we have covered them during the past few months on our Network Monitoring site. Below are some of the highlights and our current take on these issues.

Hijacked Devices

“DDoS attacks are carried out by hijacked devices. The devices send numerous requests to a single target and flood websites, applications, or networks with overwhelming traffic. These attacks cause congestion and bandwidth consumption, potentially shutting down your service or networks”

With more network connected devices each year, there’s an increase in potential hijackable devices. BYOD workplaces, public WIFI, IoT devices are especially vulnerable. These new devices bring an additional need for effective DDoS mitigation and monitoring tools. As exciting as it can be to introduce new methods of productivity, being responsible and secure should always take priority.

Buying DDoS Services

“A recent report by cybersecurity company, Armor, went into detail regarding black market dark web offerings, including “cybercrime-as-a-service.” One of the services offered was, of course, DDoS attacks. They found that DDoS attacks can go for as low as $10 per hour or $200 per day. Armor surveyed over 1,000 organizations and found that 84% of them had dealt with at least one DDoS attack in the last year.”

“There are illegal services online where people can pay for DDoS attacks, these services are called “booters” or “stressers.” People, even children, threaten each other with DDoS attacks during something as simple as online disagreements.”

Considering the ease of carrying out a DDoS attack, enterprises need a defense plan. There are incidents where even children carry out DDoS attacks. This is a relatively common practice amongst young people playing online games.

To emphasize the ease of DDoS, we used the example of 21-year-old Alex Bessell. He was responsible for launching attacks against major companies including Google, Skype, and Nintendo. These were bold targets and it didn’t work out for him.

Network Monitoring DDoS Use Case

ThousandEyes gave a detailed insight of the GitHub DDoS attack. Of the attack, they state, ‘DDoS attacks are becoming more frequent and ever more powerful. While the GitHub attack had minimum service interruption and showcased a well-executed mitigation process, not all DDoS attacks are created equally.’”

The DDoS attack on GitHub was the largest in history. However, this isn’t likely to last long; DDoS attacks are growing in effectiveness with increased attack surfaces. This particular attack didn’t appear to have financial motivations. Experienced hackers don’t necessarily spend time on DDoS. They’re simple to execute and often used to troll.; but there are certainly examples of attackers holding a network hostage, this isn’t necessarily the norm.

How Network Monitoring Can Help

“Network monitoring is developing quickly alongside IoT devices. IoT devices are expanding the network and introducing new security flaws. IoT devices, being so numerous, introduce even more hijackable devices with little to no security. This increases the potential of DDoS attacks. Despite this, new challenges bring out innovative ideas. Intent-based networking has become the next trend in easing network management.

Intent-based monitoring grows alongside the expanding world of IoT devices. Having additional visibility allows your company to see where threats are coming from and how to secure those avenues. Gaining insight into an attack immediately allows network engineers to focus their time on valuable defense procedures. IoT devices might be vulnerable to hijacking but being able to monitor their behavior can make defending against them easier.”

DDoS Mitigation

“DDoS Mitigation tools are generally offered as add-ons from ISPs, but these are typically only valuable for smaller attacks. Mitigation tools are offered as standalone products from specialists as well. Learning the ins-and-outs of your network is just as important as snuffing out an attack. So, pairing network monitoring solutions with a DDoS mitigation tool can often be the best option for enterprises.”

For example, Akamai Prolexic combatted the GitHub DDoS attack with the help of ThousandEyes. This is the perfect example of tools working together to create a more effective solution to major network issues.