Preventing DDoS armageddon

Davey Winder ponders how large a DDoS attack would have to be to take down multiple providers, and asks what businesses can do to protect themselves.

A recent blog by Carlos Morales, vice president of global sales engineering and operations at Arbor Networks , discussed the likelihood of a "DDoS Armageddon" attack.

Morales asked how big an attack would have to be to take down even the most prepared service provider, and suggested that Armageddon-style attacks of that magnitude could be on the horizon.

In the post, Morales addressed the metrics such as how to measure a DDoS attack in bandwidth and packet terms as well as detailing how Arbor's ATLAS system has seen attacks as high as 101.4 Gbps (bandwidth) and 139.7 Mpps (packets).

Attacks of that magnitude would have a profound effect on the internet as a whole.

It should come as no surprise there have been DDoS attacks capable of overwhelming an average 10 Gbps datacentre for many years now. An Armageddon attack, however, is defined as one that can take down the host target provider, as well as all of the other providers in between.

Morales argued that a 1 million host botnet could theoretically generate a DDoS attack in the region of 1 Tbps.

"Attacks of that magnitude would have a profound effect on the internet as a whole, exploiting bottlenecks in many places simultaneously," Morales said.

"No single service provider, even the largest tier ones, would be able to handle all this traffic without adversely affecting their user base."

But what do other security experts have to say about the likelihood of a

"DDoS Armageddon" and what businesses can do to prepare themselves for this? IT Pro has been finding out.

Expert security

Professor John Walker, chair of London chapter ISACA Security Advisory Group, said DDoS attacks are costing companies dearly, in terms of downtime, operability and ransom payments, if firms decide to try and pay off their attackers.

"During a high value window of operations, even the threat of a DDoS attack will send shivers down the spine of most online trading organisations, with a 30,000 payout [for example] being a drop in the ocean compared to the potential lost revenue," said Walker.

"For the ill-prepared and unimaginative CISO, the pay-off option may prove to be the most painless, [although] you can be sure to bet on one certainty once you have traded with criminality the likelihood is they, or some other like minded group, will add you name to their address book for a future visit."

Over the last 12 months, the School of Science and Technology at Nottingham Trent University have been running a research project to monitor DDoS attack patterns across the globe, revealed Walker.

"China is considered an aggressor, they also enjoy aggressive focus on their own logical boarders, sustaining high volume attack conditions each and every day," he said.

"And by inference, it was also evidenced on occasions where some physical events have occurred against a certain area, as with Hurricane Sandy, that the weakened state of a target offers the opportunity to leverage a heightened condition of cyber attacks in the form of a DDoS.

"It has also been noted that, as peak trading periods get closer, there is also a window of opportunity in which to ramp up the levels of DDoS attacks."

People's reliance on e-commerce sites and social media have also made many sites legitimate and high-value targets to DDoS attackers, said Walker.

"We have got used to migrating everything online where we are able to make available product, solution or service. However, this route to cost reduction, flexibility, and ease of use, also arrived with the baggage of criminal intent.

While it is in the business interest to enjoy the privilege of delivering online access to the designated client base, there are others who see this as an illicit opportunity to raise revenue, and as such the expectation should be for things to get much, much worse, until they get better.

"And we as the Community of Information Security Professionals need to start to work in a cross-domain imaginative, and collaborative mode to get ourselves back on the front foot," concluded Walker.

Amichai Shulman, chief technology officer and co-founder of Imperva, said the cost of staging an Armageddon-style DDoS attack could put off some would-be protagonists.

However, application layer attacks could become an important tool for hackactivists intent on carrying them out.

"These attacks achieve service interruption of large targets with a far smaller network footprint of volumetric attacks," explained Shulman.

"Application layer attacks abuse the inherent processing requirements of [an] attacked application in order to disrupt service of normal users.

"These attacks are becoming more prominent and even companies that have better visibility to volumetric attacks rather than application attacks are able to see an increase in [their] usage."

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download


Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
What is cyber warfare?

What is cyber warfare?

15 Oct 2021