5 Myths About DDoS in 2020


The nature of DDoS attacks is shifting, and while some organizations might believe that DDoS is a thing of the past, this is not the case. Here are the top 5 DDoS myths for 2020.

Myth 1: DDoS is No Longer a Problem

According to Radware’s 2019-2020 Global Application & Network Security Report, about one-third of respondents experienced a distributed denial-of-service (DDoS) attack. Attackers are moving away from simple volumetric floods and focusing on more sophisticated, harder-to-mitigate application-layer (L7) DDoS attacks. According to Radware’s research, 90% of attacks were under 10 Gbps, and the average packet-per-second (PPS) rate declined, but nearly all respondents (91%) who reported a DDoS attack indicated that the preferred attack vector was the application layer.

Furthermore, volumetric pipe saturation attacks declined by about 9%, but there was an increase in attacks targeting specific network components such as application servers, firewalls and SQL servers.

This means that while the nature of DDoS attacks is changing, DDoS attacks are still very much a concern for organizations, and a high priority to protect against.

Myth 2: DDoS Ransom Notes Are a Thing of the Past

Likewise, the past few months have seen a resurgence in DDoS ransom attacks. According to Radware’s 2019-2020 Global Application Security Report, ransom attacks increased 16% year-over-year, and 70% of North American companies ranked ransom as the primary motivation for cyberattacks.

The past few months have seen two significant DDoS ransom campaigns: first against banks in South Africa in October 2019, and more recently a targeted campaign against Australian banks and financial institutions. In both cases, ransom notes preceded large-scale, sophisticated and sustained campaigns to knock down financial services.

This means that while we may not hear as much about DDoS ransom attacks as in the past, attackers have not given up on this attack vector, and organizations must stay vigilant and watchful for this type of attack.

Myth 3: Your ISP Can Protect You

Battling sharply decreasing connectivity costs, more and more internet service providers (ISPs), carriers and mobile operators are offering DDoS protection services as a way to provide value-added services and increase customer retention.

For many customers, getting low-cost security services bundled with their internet service can be a compelling proposition; after all, who can beat the price of free?

The problem, however, is that for the most part, security is a side business for your ISP. This means that they lack the technology and security expertise to provide truly effective protection. Moreover, since it is frequently a loss-leader product to support their other services, ISPs are frequently incentivized to invest as little as possible in defenses.

As a result, they frequently provide only the simplest, most basic protections which cost them the least. Consequently, such customers do not receive protection against the latest, most sophisticated types of attack such as burst attacks, dynamic IP attacks, application-layer DDoS attacks, SSL DDoS floods, and more.

Customers relying on their ISP for protection might enjoy the short-term savings in the cost of service, but may very well discover that this type of low-cost protection will end up being far more expensive down the road.

Myth 4: Your Public Cloud Provider Can Protect You

As organizations increasingly adopt public cloud infrastructure, many customers are opting for the built-in, free DDoS protections offered by their public cloud hosting providers. Many security managers are happy to see DDoS as a network problem, and have it handled by their cloud provider. For example, according to Radware’s 2019-2020 Global Application & Network Security Report, 31% of organizations rely primarily on the native security tools of the public cloud vendors, and a similar number combine native tools with third-party solutions.

The problem, however, is that security tools offered by public cloud vendors are frequently rudimentary, ‘good-enough’ tools that will provide basic protection, but not much more.

This is particularly true for DDoS protection, where, like ISPs, public cloud vendors frequently opt for the most basic, cost-effective (for them) protections. To illustrate, one large public cloud provider has no qualms about declaring that its free tier provides protection only against the ‘most common, frequently occurring network and transport layer DDoS attacks’.

Moreover, such tools will usually protect only those assets which are hosted on that provider’s public cloud environment, but not assets hosted elsewhere, on other cloud environments or in physical data centers. As a result, organizations running multi-cloud environments and relying on their cloud providers for DDoS protection will end up with siloed security mechanisms, inconsistent security policies, and segregated reporting.

Myth 5: All DDoS Protections Are the Same

As more and more services migrate online, security is increasingly focused on application security and data protection, and less on network-layer security. This has led some organizations to believe that DDoS protection is a network-layer issue, a thing of the past, and consequently, that DDoS protections are all the same.

As we explained above, the nature of DDoS attacks is shifting, and protections that used to be adequate not long ago are no longer effective. DDoS attackers are concentrating more and more on the application layer, leveraging sophisticated bots to launch attacks, and using sophisticated attack vectors such as burst attacks, SSL floods, and carpet-bombing attacks.

DDoS protection services vary wildly by technology, network, and service. This is why it’s important to choose a DDoS protection service that offers behavioral protections which go beyond simple signature and rate limits, has the capacity to deal with even the largest attacks, and backs its marketing claims with quantifiable and measurable SLA metrics.

Read Radware's “2019-2020 Global Application & Network Security Report” to learn more.

Eyal Arazi

Eyal is a Product Marketing Manager in Radware’s security group, responsible for the company’s line of cloud security products, including Cloud WAF, Cloud DDoS, and Cloud Workload Protection Service. Eyal has an extensive background in security, having served in the Israel Defense Force (IDF) at an elite technological unit. Prior to joining Radware, Eyal worked in Product Management and Marketing roles at a number of companies in the enterprise computing and security space, both at small-scale startups and at large corporations, affording him a wide view of the industry. Eyal holds a BA in Management from the Interdisciplinary Center (IDC) Herzliya and an MBA from the UCLA Anderson School of Management.
