503 “Service Unavailable”… Ever receive this error code from one of your web servers?
How about this in your log files?
TCP 192.168.3.102:34678 22.214.171.124:443 ESTABLISHED
TCP 192.168.3.102:34680 126.96.36.199:80 ESTABLISHED
TCP 192.168.3.102:34685 188.8.131.52:443 TIME_WAIT
TCP 192.168.3.102:34696 184.108.40.206:443 TIME_WAIT
TCP 192.168.3.102:34705 220.127.116.11:443 TIME_WAIT
TCP 192.168.3.102:34715 18.104.22.168:443 TIME_WAIT
Busy server? Maybe not. It could be the result of an application-layer DDoS attack.
What is at risk in a DDoS attack on an enterprise website or network? Certainly, there is a financial risk, as revenue will likely be lost as a direct result of the attack. There is the cost of remediation, and affected customers may have to be compensated. There is a legal risk if confidential user data is compromised. Service providers may face financial and legal consequences if they have failed to live up to their SLAs. Then there are intangibles, such as damage to a company’s brand or reputation, that will show up down the road in the form of lost business and falling stock prices.
In January 2018 NETSCOUT Arbor published our 13th Annual Worldwide Infrastructure Report (WISR 2018).
This year’s report noted that the largest DDoS attack was 650 Gbps, down from 800 Gbps the prior year. The report also noted that although the largest DDoS attack was 650 Gbps, the overall mix of attack sizes is still shifting up. For example, this year the percentage of attacks over 1 Gbps has increased to 22%, growing three years in a row.
No sooner had the ink dried on WISR 2018 than we encountered a 1.7 Tbps DDoS attack!
The case for a managed DDoS protection and mitigation service is well established. Partnering with a provider that can oversee the system’s operation takes a big IT issue off your plate, augments your staff resources, and gives you access to specialized DDoS expertise. But not all managed DDoS services are alike. How can you tell a great one from a merely good one? Here are the hallmarks to look for.
Scheduled to take effect on 25 May 2018, the General Data Protection Regulation (GDPR) calls for unprecedented changes in the way organizations collect, process and protect the personal data of EU citizens.
In reviewing the IPv6 threat concerns identified in the 13th Annual Worldwide Infrastructure Security Report (WISR), I am struck by how today’s perceived threats are similar to what was observed and expected by early adopters 10 (or even 15) years ago.
By Tim Murphy, Country Manager, Arbor Networks
The organisers of the April 2018 Gold Coast Commonwealth Games have a huge task on their hands regarding the protection of the high-profile sports event from cyber-attacks.
During a DDoS attack, time is unforgiving. A few seconds can mean the difference between a successful mitigation and costly network downtime. Anything that accelerates your mean time to detect (MTTD) and respond (MTTR) to an attack is to your advantage.
Security teams at regional banks face real challenges: they confront the same global cyber threats as national or multi-national organizations, without the same resources. Distributed Denial of Service (DDoS) attacks targeting network and application availability — frequently including ransom demands — are a perfect case in point.