DDoS Attacks Grow Shorter But Pack More Punch
DDoS attack sizes are rising even as the duration of the attacks grows shorter, according to Arbor Networks.
According to a new report from Arbor Networks about the third quarter of 2013, the average attack size now stands at 2.64 Gbps for the year, an increase of 78 percent from 2012. The number of attacks monitored by the firm that are more than 20 Gbps experienced massive growth, to the tune of a 350 percent increase so far this year.
Meanwhile, the length of the vast majority of attacks (87 percent) has gone down to less than an hour.
"Shorter duration attacks are not inherently harder to detect, but they can be harder to mitigate," says Gary Sockrider, solutions architect for the Americas, Arbor Networks. "Many organizations today rely on network- or cloud-based mitigation of DDoS attacks. Because they rely on rerouting attack traffic to scrubbing centers, there is a small delay in mitigation while routing or domain name changes propagate.
"Ideally you want to have mitigation capabilities on your own network that can react immediately without the need for redirection. I think it's safe to say that if you have absolutely no mitigation capabilities, then shorter attacks are better. However, if your only protection has inherent delays, then shorter attacks potentially cannot be stopped."
Barrett Lyon, founder of DDoS mitigation firm Prolexic Technologies and now CTO of Defense.net, says that shorter DDoS attacks also have the added benefit of minimizing an attacker's exposure.
"The longer it runs, the more things are obviously clogged up and the more reactive network engineers become," he observes. "When network engineers start researching a problem like that -- congestion in their network or why is this computer slow -- it exposes the botnet and makes it much vulnerable than it would be otherwise. So if it's a short attack but big, [attackers] can kind of quickly see and size up their target. They can quickly determine ... what's the best bang for the buck when it comes to attacking."
... Read full story on Dark Reading
Post a comment to the original version of this story on Dark Reading