Why DDoS remains a bigger threat than ever in the age of the cloud
Distributed denial of service attacks are one of the most established, and oldest, modes of cyber attack, dating back at least a quarter of a century to the mid-1990s. The cloud, on the other hand, is one of the newer revolutions in the tech world. While the term “cloud computing” was actually coined at approximately the same time as the inaugural DDoS attack, it is only over the past several years that the cloud has truly become a ubiquitous part of the computing landscape.
But just because DDoS attacks -- which seek to overwhelm internet services or websites by bombarding them with fake traffic -- are the established old guard of cyber attacks doesn’t mean that they’re outmoded in the modern era. Unfortunately, far from it, in fact. The tried-and-true DDoS attack continues to be a threat in the age of ubiquitous cloud computing. If anything, it’s ramping up more than ever.
Welcome to the world of cloud DDoS. Here’s why they remain such a problem.
Sometimes the old ways are the worst
DDoS attacks are continuing to increase all the time, both in frequency and scale. One recent report pegged the year-on-year number of DDoS attacks increasing by an astronomical 341 percent during the pandemic. Meanwhile, the size of these attacks is getting ever-bigger, while the sustained duration of attack gets longer. In the first quarter of 2021, the longest attack lasted a reported 746 hours, more than one calendar month. This record was beaten (to few people’s celebration) in the second quarter of the year, with a 776-hour attack, the equivalent of upward of 32 days.
The fact that DDoS continues to be a threat into the 2020s is no surprise. To quote the James Bond movie Skyfall, “sometimes the old ways are the best.” Although most people won’t have a “best” form of cyber attack (any more than you have a favorite form of computer error on a busy Monday morning), the techniques that make DDoS so effective continue to be a factor.
While cyber security defenses (more on those in a bit) have advanced a lot over the past 25 years, so too have the tools that can be leveraged by attackers. For example, the growing number of Internet of Things (IoT) devices has opened up a new target class of devices for so-called “botnets.” These devices can be infected using malware and then harnessed like a zombie army of internet-connected devices to send fake traffic in the direction of targets.
The world relies on the cloud
Most importantly when it comes to the effectiveness of DDoS, the world is now relying on computing infrastructure -- particularly cloud-based computing infrastructure -- more than ever. Whether it’s enjoying entertainment, shopping, or carrying out remote working during the pandemic era, people are more reliant on the cloud as a means to power the essential services and applications used on a daily basis. This makes attacking these targets tantalizing for bad actors for reasons that could range from trying to extort money (by threatening additional DDoS attacks) to sabotage to simply trying to cause chaos for no logical reason.
Furthermore, because it is now easier than ever to rent a botnet for as little as a few dollars at a time, the barrier to entry for attackers has never been lower than it is today. However, while those costs have decreased, the cost for a target of a DDoS attack have skyrocketed. An attack that successfully knocks a website, service, or cloud application offline could cost the victim anywhere from thousands of dollars to, in the case of a large enterprise customer, millions of dollars. Some estimates place the number at an average of $300k in costs -- for every hour of downtime. That’s in addition to potential longer term repercussions, such as dented customer loyalty.
Protecting the cloud against DDoS
Users’ reliance on the cloud will not go away any time soon. Cloud computing brings myriad advantages to both organizations and their customers, allowing users to access computing storage, services, and compute power from anywhere they happen to be, so long as they’ve got an internet connection. Every year, many more businesses embrace the cloud as a way to benefit from the flexibility and ease of cloud computing.
The good news is that the tools are there to protect organizations. Modern cyber security tools for safeguarding against DDoS are able to carry out monitoring of network traffic and applications to search for signs of possible DDoS attacks in progress. They can then block fraudulent traffic, while continuing to allow through legitimate traffic to its destination: stopping the bad actors, but not affecting access for the overwhelming majority. These cyber security experts also offer specialist scrubbing tools to help absorb large-scale DDoS attacks without flinching. Such measures can even be employed in complex cloud environments, in which organizations do not own the physical computing infrastructure that they are reliant upon for their livelihoods.
DDoS attacks will continue for the foreseeable future. But by taking the right measures, users can protect themselves and their customers against them: enjoying the best of what modern computing has to offer, without having to sweat over the negatives.