Four prevalent myths about DDoS are that it only hits big brands, that every DDoS attack is the same, that protection is too expensive, and that all solutions are the same. Each of these beliefs is false.

Few topics terrify business leaders and IT security practitioners as much as Distributed Denial of Service (DDoS). Rising numbers of DDoS attacks, one bandwidth peak after another, and new attack vectors are all good reasons to be concerned. However, although such attacks are constantly in the news, many misconceptions regarding DDoS persist. In this article, we'll explore five DDoS myths to shed more light on the subject.

Only big international brands or online shops are victims of DDoS attacks

Many business owners think that a DDoS attack won't strike their organisation or that DDoS attacks don't happen in their industry. But the truth is, organisations of all kinds are targets. According to the 2016 Verizon Data Breach Report, 99 percent of attacks in the entertainment sector were DDoS attacks. Among institutions in the professional industries, 90 percent of attacks were DDoS attacks, and in educational institutions the figure was 81 percent. Nowadays, almost every company relies on a stable internet connection and must be available around the clock. In fact, the biggest DDoS damage is done by making supply chains or internal networks unavailable, which is why attackers often aim to take down whole IT infrastructures rather than just a website.

Thinking that only major international brands are DDoS victims is a common misconception. As a matter of fact, more and more small and medium-sized businesses are becoming attack targets, as they often don't have a security solution in place due to a lack of financial resources. Thus, for the perpetrators, these companies can be even more attractive targets than the big fish, simply because it's easier to do more damage when there's no chance that the business can fend off even a comparatively small attack.

What most people don't know is that attacks of less than 5 Gbps are often enough to cause severe damage to an organisation. In fact, the Link11 DDoS Report Q2-Q3 2017 revealed that 28 percent of businesses in the European Union have a broadband connection of between 2 and 10 Mbps. According to the report, attack bandwidths of up to 5 Gbps accounted for about 90 percent of all attacks registered in the third quarter of 2017.

Every DDoS attack is the same

Just as not every DDoS protection solution is created equal, not every DDoS attack is the same. In fact, DDoS attacks could hardly differ more from each other. Their complexity is indeed their biggest risk. Given that network firewalls are not capable of determining whether traffic is good or malicious, such protections are insufficient when it comes to more complex or AI-driven attacks. Perpetrators who see that their attack is unsuccessful usually launch attacks with more than one attack vector. For example, in the fourth quarter of 2017, IT specialists at Link11 registered a DDoS attack in which the attacker combined 12 attack vectors.

DDoS protection is too expensive

Digital transformation has made it virtually inevitable that companies will use the internet and be available 24/7. Being offline means losing money and is the worst nightmare for most business owners. Being unprotected means risking not only financial losses, but also brand or reputational damage. According to the 2016 Cost of Data Center Outages Report from the Ponemon Institute, data center outages caused by DDoS attacks cost an average of US$ 981,000. Moreover, the average service interruption costs up to US$ 17,244 per minute. This makes these attacks significantly more expensive than any DDoS protection service. Risking reputational damage, lost sales revenue and the cost of IT recovery efforts should never be an option. Building a brand takes years, but that same brand can be destroyed overnight.

Simply paying the attacker might sound like an easy way out but is probably the riskiest option as it motivates the attacker to do the same thing again and provides them with resources to launch even bigger attacks. Besides that, paying them encourages criminals to keep doing what they do, making it unethical in every case.

Every DDoS protection solution is the same

Business owners often think they don't need to worry about DDoS attacks because they have a solution in place. What they don't know is that DDoS protection solutions vary widely in quality and coverage. On-premise DDoS deployment is often useless when DDoS attacks reach very large bandwidths or when new attack vectors are applied. When Memcached reflection attacks first emerged, experts at Link11 registered attacks of more than 400 Gbps in the first couple of days. Moreover, recent events show that Memcached servers can easily be abused to reach bandwidths of more than 1 Tbps.

Furthermore, DDoS attacks are often complex, and attackers do their best to get their malicious traffic passed through undetected to a company's server. And their goal is not always to simply knock out a website. Consuming resources through multi-layered attacks opens the door for them to launch other kinds of attacks. To protect a business against all kinds of DDoS attacks, the solution implemented should be cloud-based and self-learning. That's the only way to ensure real-time protection and the detection of zero-day attacks.

Conclusion

DDoS is a widely discussed topic these days, and it needs to be comprehensively reviewed when an organisation reviews its cyber-security strategy. The DDoS threat landscape is constantly evolving due to the discovery of new attack vectors. To achieve a reliable DDoS mitigation game plan, it's vital to stay informed and understand the full scope of DDoS attacks in all their complexity and variety. Having a plan and being informed are essential to safeguarding a business.

Contributed by Marc Wilczek – COO – Link11.

This article originally appeared at scmagazineuk.com