Gartner warns of more powerful DDoS attacks in 2013

Craig Hendrickson
eCommerce Hosting Solutions Consultant  
Friday, February 22, 2013  

Companies must protect their infrastructure against high traffic from DDoS threats.

Distributed denial-of-service (DDoS) attacks can range in severity from a minor annoyance to a significant threat, depending on their level of sophistication. While most large companies have safeguards in place to protect against these types of attacks, it may be necessary to evaluate and improve on those protections as cybercriminals leverage more sophisticated tactics. Research firm Gartner recently warned that high-bandwidth DDoS attacks are likely to become more prevalent in the coming months. In addition, analysts predicted that 25 percent of such attacks will be application-based in 2013.

Researchers cited high-profile incidents such as the DDoS campaign against financial institutions in the second half of 2012. While these attacks succeeded in diminishing website performance and, in some cases, caused server outages, cybercriminals may also use such attacks to distract security staff from attempted data breaches. Gartner emphasized the importance of investing in IT security solutions such as fraud prevention technology and spreading employee awareness to combat social engineering.

"2012 witnessed a new level of sophistication in organized attacks against enterprises across the globe, and they will grow in sophistication and effectiveness in 2013," said Avivah Litan, vice president and analyst at Gartner. "A new class of damaging DDoS attacks and devious criminal social-engineering ploys were launched against U.S. banks in the second half of 2012, and this will continue in 2013 as well-organized criminal activity takes advantage of weaknesses in people, processes and systems."

One of the key takeaways from IT security incidents in 2012 is that it is becoming easier for cybercriminals to orchestrate large-scale threats. Although Gartner's warning was primarily focused on businesses in ecommerce and financial services, the proliferation of malware tools and rentable botnets requires better practices from all website owners. Network World's Linda Musthaler noted that it is relatively inexpensive for someone to initiate an attack that could disrupt businesses. She emphasized the importance of looking for evidence of fraud during and after attacks, since many DDoS campaigns come with ulterior motives.

"Many security experts believe that DDoS attacks may be smokescreens to hide other cybercrimes, including data breaches or financial fraud," Musthaler wrote. "Payloads in the attack traffic could be dropping malware on your servers. If your company does experience a DDoS attack, do a very thorough inspection of all system logs to determine if other malicious activities took place during the attack period."

Businesses that use cloud hosting services need to know whether company assets are protected against such threats. Corporations should investigate whether their provider has dedicated DDoS mitigation solutions and review the vendor's policies regarding notification and response.