On Super Bowl Sunday, one of the most socially active days of the year, the Playstation Network (PSN) experienced yet another extended outage — the second since Christmas. While it’s not yet clear whether the outage was caused by another DDoS attack (like the Christmas Day outage), that’s the most likely cause. And, even if this outage wasn’t a result of a DDoS attack, you can bet there will be another one soon.
Media and the entertainment industry were the most common victims of DDoS attacks during the third quarter of 2014, and those attacks were 40 percent larger than similar attacks in Q2. Entertainment and gaming providers are just too tempting a target to resist, with dedicated users who are experts at using social media to air their complaints. This type of DDoS attack garners a lot of attention — and that’s the whole point.
The most important takeaway is that even big companies with extensive resources are vulnerable, especially when the attackers implement the attack via Domain Name Servers (DNS). In a DNS attack, hackers do what’s called IP address spoofing — they masquerade as their victim’s IP address and, using that address, start pinging servers for all kinds of information. The servers answer and send everything they have to the spoofed IP. The targeted system then crashes, being too overwhelmed to process that much traffic. It’s called amplification, and it’s a DDoS attack on steroids. To make matters worse, Internet Service Providers (ISPs) frequently think the tidal wave of traffic is an attack on them, so they start blocking websites, adding insult to injury.
Unfortunately, these attacks are hard to detect and even harder to stop. The most reliable method of DDoS security, eliminating unsecured recursive resolvers, is time-consuming and expensive – even more so when you consider that, out of approximately 27 million DNS servers on the internet, about 25 million of them are vulnerable to being used in an attack.
With the average cost of downtime estimated to be a whopping $79,000 per minute, companies simply can’t afford to give DDoS protection short shrift. The threat merits dedicated resources, which is why more and more companies are outsourcing their DDoS protection to experts. Hackers’ methods are constantly evolving, so people who spend their days (and nights) doing nothing but keeping up with and stopping the newest DDoS attacks stand the best chance of developing and implementing a good defense.
The best providers of DDoS protection also offer 24/7 emergency services, with a crew standing by to help out if you do become the victim of an attack. The two-pronged approach – implementing safeguards to prevent DDoS attacks and being ready to come to the rescue if one slips through – is essential to data security and will become even more so over the coming weeks and months.
It’s time to give your DDoS protection a checkup, and if you’re not absolutely sure you’re protected and prepared, take the time to make some changes before it’s too late.
###
