A quarter of 2013 DDoS attacks will be app-based, says Gartner

A quarter of distributed denial of service (DDoS) attacks in 2013 will be application-based, according to a report by research firm Gartner.



A quarter of distributed denial of service (DDoS) attacks in 2013 will be application-based, according to a report by research firm Gartner.

Instead of inundating websites with requests, such DDoS attacks send targeted commands to applications to overwhelm them and make them unavailable.

"2012 witnessed a new level of sophistication in organised attacks against enterprises across the globe, and they will grow in sophistication and effectiveness in 2013," said Avivah Litan, vice president and distinguished analyst at Gartner.

"A new class of damaging DDoS attacks and devious criminal social-engineering ploys were launched against US banks in the second half of 2012, and this will continue in 2013 as well-organised criminal activity takes advantage of weaknesses in people, processes and systems," she said.

According to Gartner, high-bandwidth DDoS attacks are becoming increasingly common and will continue wreaking havoc on unprepared enterprises in 2013.

A new class of DDoS attacks on US banks in the second half of 2012 added up to 70 Gbps of noisy network traffic, compared with the 5 Gbps of most network-level DDoS that had come before.

"To combat this risk, enterprises need to revisit their network configurations, and rearchitect them to minimise the damage that can be done," said Litan.

"Organisations that have a critical Web presence and cannot afford relatively lengthy disruptions in online service should employ a layered approach that combines multiple DOS defenses,” she said.

Gartner said hackers are also using DDoS attacks to distract security staff so that they can steal sensitive information or money from accounts.

Enterprises subject to DDoS attacks should take steps to mitigate potential damage from these attacks and co-operate with industry associations to share intelligence that can be acted on collectively and quickly, said Gartner.

“Enterprises are just beginning to open their eyes to the threats posed by DDoS attacks, as hackers take advantage of shortfalls in security wherever they find them, said Darren Anstee, head solutions architect at network security firm Arbor.

“More stealthy, sophisticated application layer attacks can be difficult to deal with especially if they are only one part of a multi-vector attack,” he said.

According to Arbor’s WorldWide Infrastructure Report 2012, multi-vector attacks have become more common with 46% of respondents reporting these in 2012. This is a 32% increases on 2011.

Internet service availability is also key, said Anstee. “Downtime can cause significant reputational and financial damage to organisations who are reliant on the Internet to sell products, offer services or access cloud based data and applications. Virtually all businesses are vulnerable in some way, he said.

Gartner’s findings emphasise the fact that a broad range of organisations should evaluate the impact a DDoS attack could have to their business and take steps to deal with this threat, said Anstee.


Read more on Hackers and cybercrime prevention