Distributed denial of service (DDoS) attacks remain a top cybersecurity threat for enterprises heading into 2H20. By the end of 2019, 167,400 DDoS attacks had been detected, generating a total of 436,800 TB of traffic. On a year-on-year basis, the number of attacks increased 30.2%. In 2019, the average peak size of DDoS attacks rose steadily from 2018 to 42.9 Gbps, indicating that the techniques employed in large- and medium-scale attacks are advancing year over year.
Volume of data is increasing
At the same time, Internet of Things (IoT) devices are showing up increasingly in DDoS attacks (it’s estimated that approximately 170,000 IoT devices alone were found in DDoS attacks in 2019). As these devices remain connected to the Internet almost 24×7 and often contain vulnerabilities that go unaddressed, they become a hotbed for exploits. This creates an urgent need for enterprises to raise their security awareness and improve their efforts in preventing and governing related threats.
To protect against large-scale DDoS attacks, “scrubbing” (or cleaning) the IP traffic is critical. This involves routing incoming network traffic to multiple data centres to be filtered when a DDoS attack is detected. The filtering separates the legitimate traffic from the false traffic, and is done as close to the attack sources and as early as possible, shielding the organisation from being overwhelmed by malicious data packets.
Not all “scrubbing” is the same
While scrubbing the traffic is effective against DDoS attacks, it comes with one drawback. During DDoS attack mitigation, routing of traffic to scrubbing centres can introduce extra time for data to transit the network, temporarily impacting business operations. This becomes an issue when the scrubbing centres are located far away from the normal communication path between the organisation and its users.
For the enterprise, the best way to solve this challenge is to partner with a DDoS protection provider that maintains geographically distributed scrubbing centres at key peering hubs around the world, where most internet traffic is exchanged (no matter the type of traffic, legitimate or attack). This keeps the network latency impact to a minimum while ensuring clean and steady inbound traffic throughout any DDoS attack. Considering that an average DDoS attack can last up to 24 hours, minimising the impact on the time it takes IP traffic to traverse the network is critical to maintaining the user experience at an acceptable level.
Reduce latency, improve response with regional traffic routing
Defend against DDoS attacks by requiring that IP traffic be scrubbed as close to your network as possible, which reduces latency compared with sending it farther away. For example, if you’re based in Europe, look at providers that offer a facility in Europe. A regional operation can re-route traffic rapidly for DDoS attack mitigation, protecting customer networks and web applications while maintaining the user experience.
Unfortunately, DDoS attacks are on the rise and it doesn’t look as if the problem is going to go away any time soon. For this reason it’s essential that you look at ways to prevent and mitigate potential attacks before they become a problem for your enterprise.