The massive worldwide shift to remote work and increased online activities created an ideal situation for threat actors to find new opportunities to exploit, culminating in the most Distributed Denial-of-Service (DDoS) attacks ever recorded in a single year.
NETSCOUT’s ATLAS Security Engineering and Response Team observed an astonishing 10,089,687 attacks over the course of 2020; this surpassed 2019’s count by 1.6 million attacks.
In just May 2020 alone, NETSCOUT observed 929,000 attacks, by far the largest ever in a 31 day period. While the world was lockdown between March and June 2020, DDoS attacks were 25% higher than the previous three month period.
The quantity wasn’t the only thing that was historic. In February 2020, AWS observed and mitigated a 2.3 Tbps attack, making it the largest DDoS attack in history in terms of bitrate. The previous largest attack in history was a 1.3 attack against GitHub in 2018.
Hackers Took Advantage of the Pandemic
Attackers went on the offensive against COVID-impacted industries like healthcare, education, and e-commerce with short, complex, high-throughput attacks.
According to Akamai, the verticals that saw the biggest spike in DDoS attacks included the financial sector with a 222% increase from 2019, the education sector with a 178% increase, and the Internet/telecom sector with a 210% increase over 2019.
The bad news continues: DDoS attacks became faster and more complex in 2020. These campaigns combined multiple attack vectors aimed at the network, application, and data layers. These DDoS takedowns are often diversions, with the real goal to take data, distribute malware, and demand ransoms while companies race to mitigate the attack and get their website back online.
The Cost of Getting Attacked
How much money should a business expect to lose when they’re hit with a DDoS attack? DDoS defense company Corero Network Security sought to answer that question and polled 300 security professionals from cloud, government, finance, media, and online gaming. Here are the not-so-uplifting findings:
- 91% of those surveyed said that DDoS attacks have cost their organizations up to $50,000.
- 85% believe that DDoS attacks are used by attackers as a precursor or smokescreen for data breach activity.
- 71% reported that their organization has experienced a ransom-driven DDoS attack.
- 78% cited the number one most damaging effect of a DDoS attack is the loss of customer trust.
While not all DDoS attacks are going to cost 5 figures, what may be worse is having your website inaccessible and ruining customer confidence. A company’s reputation can be linked to corporate profits.
DDoS Attack Mitigation Services
Do you have the latest DDoS fighting tools and technologies ready for 2021? While you can’t predict how large an attack against your server will be, you can choose what protection you need based on how mission critical your operations are.
HostDime’s secure network is among the most DDoS protected in the infrastructure industry. That’s because we offer three types of DDoS protection: NETSCOUT’s local inline mitigation, a cloud-based traffic scrubbing service, and a combination of the two with our hybrid protection.
The NETSCOUT appliance sits within our facility for inline protection. When the appliance detects irregular traffic, our team moves the affected subnet and begins filtering. With our Cloud Scrubbing service, ALL traffic gets filtered through one of our various GRE tunnels. Our Hybrid DDoS is unique for its performance based, “always on” protection. Read on for a more in-depth look at the intricacies of each service.
Inline DDoS Protection
HostDime offers premium hardware-based DDoS monitoring and mitigation, while most service providers offer reverse proxy DDoS detection. The problem with this is your traffic goes to a third party, is cleaned, then re-routed back to your host.
Our DDoS protection is different because it’s inline, or actually within the data center. We take both your affected and unaffected traffic, filter out the bad stuff, and leave only legitimate traffic flowing to and from your server. Once a server is placed behind our DDoS protection hardware, it learns “normal” traffic patterns so it can identity bad traffic in the future. Therefore end users notice no added latency, even when active mitigation is taking place.
Cloud DDoS Protection
HostDime’s DDoS Cloud Scrubbing is a IP routing service where all traffic is examined and filtered, then the cleaned traffic is forwarded to our enterprise network via our Generic Routing Encapsulation (GRE) tunnels. This security cloud is a private point-to-point link between network nodes, and acts as our safety net if a large DDoS attack occurs. Your whole critical infrastructure is safe with this protection.
Here is a visual depicting how HostDime’s global security cloud delivers clean traffic to a visitor accessing a DDoS affected website.
All IP addresses routed through our scrubbing centers are protected against DDoS attacks. The always active service uses network sensor devices to immediately detect suspicious patterns. Traffic toward that IP is then redirected for mitigation in our security cloud. Redirection stops minutes after the attack ends. HostDime’s DDoS protected GRE tunnels can clean an attack up to 100Gbps; that’s an impressive amount of scrubbing power.
Hybrid DDoS Protection
Lastly, HostDime’s Hybrid DDoS Protection gives clients the best of both worlds with a performance based option with “always on” protection. This unique set-up combines the inline DDoS protection appliance with the DDoS cloud filtering service. This protection detects and acts immediately against all sorts of large and complex attacks. When disruption occurs, clean traffic still gets through thanks to the cloud scrubbing. One difference between this service and the cloud scrubber is added latency when in protection mode.
The following chart spells out the differences between the three DDoS protection services. Whichever you choose, enjoy peace of mind knowing your business will have superior uptime, uninterrupted data center access, and relief from network security threats.
HostDime’s inline DDoS service is included on all managed dedicated servers, but if you require additional protection, contact us now to figure out the right plan for you. We offer both monthly and on-demand packages, featuring over 5GBPS of attack protection if necessary. Currently, only dedicated server and colocation clients can take advantage of these additional DDoS protection services.
Stay safe out there!
Jared Smith is HostDime’s Director of Marketing.