CISO DDoS Handbook – The DDoS Threat to Digital Transformation

As the global economy and its reliance on technology continue to evolve, so do cyberattackers’ strategies and techniques – working on launching debilitating DDoS attacks with the intent to cause downtime and havoc. Staying ahead of these attackers requires precise and real-time information/insights into the threat landscape and new forms of attacks. They also understand ongoing DDoS network vulnerabilities and the existing mitigation solution’s capabilities and ensure that both work harmoniously to close all DDoS system vulnerabilities before a damaging attack is launched. An attacker can take advantage of any open gap, often leaving it too late to mitigate without downtime.      


The New DDoS Attack

  1. WS-Discovery Attacks

    Attackers use a protocol called WS-Discovery (WSD), which allows unauthenticated traffic to flow through and amplify attacks. Amplification as a method is not new and has been used in the past under the names of Simple Network Management Protocol and Simple Service Delivery Protocol.

  2. Multi-modal DDoS Attacks

    Instead of just one form of attack, multi-modal involves launching several different attacks simultaneously. For example, an attacker will launch one attack, and as the mitigation solution tries to mitigate it, another vector is launched, one which could penetrate the network.

  3. Ransom DDoS Attacks

    or DDoS, as they are known- are attacks launched with ransom demands as the underlying motive. Attackers launch small attacks with the promise of a more significant attack on their web applications unless their needs are met. The whitepaper, `The Anatomy of Ransom Related DDoS Attacks,’ dives deep into this attack.

  4. Zero-Day Attacks

    These attacks involve vectors that attackers haven’t previously used. As they are new and unknown, mitigation solutions are unaware; blocking them is impossible. In parallel, they target unknown vulnerabilities in the network.

  5. IoT DDoS Attacks

    IoT devices are constantly increasing; thousands are out there. As IoT devices are created for various purposes, their manufacturers focus on more than just ensuring security within these new devices. DDoS attackers are not interested in corrupting a single device. On the other hand, they look to penetrate the network using the vulnerabilities in the IoT devices to launch DDoS attacks.

  6. Low-rate attacks

    Most enterprises struggle to distinguish between low-rate attacks and legitimate traffic. At the same time, they find it diff-challenging to maintain a low false-negative rate. Like significant attacks, small-size attacks can bring down the services rapidly and create an equivalent impact on businesses, urging companies to be prepared and review their web security arrangements.

  7. Small-Sized Attacks

    Research confirms that large attacks of 100Gbps and above have fallen by 64% in 2019. However, there has been a startling 158% increase in attacks sized 5Gbps. Or less. Enterprises need help to distinguish between low-rate attacks and legitimate traffic, and at the same time, find it challenging to maintain a low false-negative rate. Similar to significant attacks, small-size attacks can bring down the services rapidly and create an equivalent impact on businesses, urging companies to be prepared and review their web security arrangements.

Recurrent DDoS Attacks Despite Mitigation

DDoS Testing and Mitigation are the available solutions that digital enterprises rely on to ensure DDoS protection. However, most companies are left with significant DDoS vulnerabilities even with the most sophisticated DDoS mitigation and testing solutions deployed. This is because DDoS Mitigation security policies don’t adapt to dynamic changes in the network, leaving up to 75% of DDoS vulnerabilities undetected and therefore, unprotected. Furthermore, mitigation solutions and periodic Red Team DDoS testing are reactive rather than automatically and continuously detecting and closing vulnerabilities. This is the reason why attacks continue to occur regularly. Our monthly DDoS Attack Round-up shares attacks that took place around the world. But this list only captures publicly reported attacks, and much more go unreported. 

The Only Complete DDoS Protection for the Digital World

MazeBolt’s RADAR™ testing is the only 24/7 automatic solution testing DDoS attacks across your live environment with zero operational downtime. It automatically detects, analyzes, and prioritizes the remediation of DDoS vulnerabilities in any mitigation system. You are raising the efficiency of your mitigation solution for a healthy DDoS mitigation posture.


Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Updated.
Get our Newsletter*

Recent posts

Rapid Reset: the New DDoS Threat

CISA (Cybersecurity and Infrastructure Security Agency) urged organizations that provide critical internet delivery services to immediately apply patches and other mitigations after an internet-wide security

Read More

Stay Updated - Get Our Newsletter

Stay Updated - Get Our Newsletter