DDoS (distributed denial of service) threats continue to grow in both quantity and sophistication. According to research from Corero Network Security, customers have seen a significant increase in malicious attackers employing sophisticated techniques to deliver DDoS disruptions and incapacitate victims' online services.
The DDoS landscape
The most significant development is DDoS carpet bomb attacks having increased by 300 per cent over the course of 2022. This type of attack has the ability to evade traditional DDoS mitigation solutions, by spreading its traffic thinly across a wide address space and avoiding triggering typical detection mechanisms that only monitor individual IP addresses.
Corero also observed a rise in DDoS attacks targeting DNS services, which doubled between 2020 and 2022. The research suggests that adversaries are abusing the port associated with DNS as a way for their malicious DDoS traffic to enter a network via ACL/firewall rules which must open that port for legitimate DNS traffic.
Mirai-like DDoS attacks have also increased significantly, with over seven times as many attacks in 2022 than 2021. There has also been a 600 per cent increase in the share of malicious DDoS traffic carried by the IPv6 protocol in 2022.
The importance of always-on
In this ever-developing threat landscape, it is clear that traditional mitigation solutions are not delivering adequate protection against newer, more sophisticated, attacks, such as those distributed across multiple IP addresses. As such, service providers must ensure they remain one step ahead and be on hand to defend their customers with the latest generation of always-on protection.
This is especially true of smaller organisations, who can still find themselves the target of DDoS attacks but, may not have the in-house resources to adequately protect themselves.
Today, we are more reliant than ever on online services, and our tolerance for internet service outages is low, meaning any downtime can be costly for businesses. DDoS disruption will distance even the most loyal of customers, and significantly damage company reputation, finances, and productivity.
The ability to respond to DDoS attacks in seconds rather than minutes may be a major factor in remaining with a service provider or looking elsewhere. Traditional on-demand mitigation solutions, that may have been adequate for DDoS threats of the past, have not kept pace with the new techniques now employed by attackers and they can't react fast enough to prevent the downtime that is so damaging to today's online businesses.
Ultimately, for modern organisations, fast, automatic, always-on protection is now a must.
New revenue streams
Security is now the biggest segment for MSPs, with the global managed security services market predicted to grow from $22.8bn in 2021 to $43.7bn by 2026. With many commercial solutions available for organisations to defend against DDoS attacks, standing out in a crowded market is essential. Offering the latest generation of always-on DDoS protection, as-a-service, is a differentiator that can help service providers attract and retain more customers.
By choosing a service provider that offers the latest always-on and automated DDoS protection as-a-service, organisations can be confident they are well protected against the evolving DDoS threat, without the need for in-house resources. This means their IT/security teams can focus on more productive tasks, rather than mitigating the impacts of DDoS attacks and recovering from the outages they cause.
Not only does this benefit customers, but offering DDoS protection as an add-on service means that providers can enjoy new revenue streams. It is also important to carefully consider the best way to monetise that DDoS protection, choosing whether to offer single or tiered levels of protection, and how the value-add service should be priced.
It is also important to take into consideration the most effective way of managing tenants, with a Web portal for the service making it easier to onboard and configure customers and enabling them to gain comprehensive insights into the DDoS protection they are receiving.
By adding always-on, real-time, DDoS protection to existing services, not only can your customers be confident they are defended against the evolving DDoS threat, but you get the opportunity to grow your bottom line while differentiating yourself from the competition.
This post was funded by Corero.