Man, Machine and DDoS Mitigation The case for human cyber security expertise
Automated DDoS mitigation poses risks Distributed denial of service (DDoS) attacks can overwhelm DDoS appliances Today s DDoS attacks are larger and more complex than in the past Experienced security professionals block DDoS attacks faster than machines Human eyes and creativity are needed to stop attacks from live attackers
What is a DDoS attack? A DDoS attack tries to make a computer resource unavailable to its users It succeeds by overwhelming the target with data, requests or both Hackers boost their attacks by calling on hoards of compromised Internet devices The zombie devices have fallen under the control of an attacker through a virus or malware
It s important to choose the right DDoS mitigation strategy Outages caused by DDoS attacks are increasing and damaging to businesses As a result, many organization have made big investments in DDoS mitigation technology Firewalls Intrusion prevention systems (IPS) Intrusion detection systems (IDS) Router appliances But often these devices fail to stop DDoS attacks
It s cheap to rent a botnet to crash a DDoS mitigation appliance For a few hundred dollars a day anyone can rent a botnet that can command up to 50,000 computers That s more than enough to take down a very wellprotected Internet-facing asset such as a router, load balancer or website
Mitigation appliances are no match for the size of today s DDoS attacks A local DDoS mitigation appliance can typically stop less than 10 gigabits per second (Gbps) of attack traffic A firewall offered by an ISP can usually handle less than 20 Gbps A cloud-hosting provider can usually handle less than 40 Gbps Many of today s DDoS attacks are too big for these solutions 100 Gbps: Prolexic has blocked multiple attacks of this size 179 Gbps: Largest attack mitigated by Prolexic as of December 2013
Mitigation appliances are no match for the complexity of today s DDoS attacks DDoS attacks continue to increase in complexity Attacks can target three different areas in one campaign Network layer, described in the Open Systems Interconnection model (OSI model) as Layer 3 Transport layer (Layer 4) Application layer (Layer 7) Layer 7 attacks often look like legitimate traffic Even simple application attacks can critically overload web servers and databases
All online companies and industries are at risk regardless of size Many company executives think it won t happen to their organization but they are attacked High-bandwidth attacks against the financial industry hit in 2012 and 2013 Gartner predicts a 10 percent growth in the financial impact that cybercrime will have on online businesses through 2016* Reason for an attack vary: extortion, corporate revenge or simply malicious hackers * Gartner Reveals Top Predictions for IT Organizations and Users for 2012 and Beyond, December 1, 2011
Learn more in the white paper Download the DrDoS white paper: Man, Machine and DDoS Mitigation In this white paper, find out why you need human cyber security expertise: Understand the current and future DDoS threatscape Learn the capabilities and limitations of specific types of DDoS mitigation appliances Find out how live attackers overwhelm automated systems Understand the weaknesses of the new breed of intelligent DDoS mitigation device Avoid blocking legitimate traffic when under attack Learn about Prolexic s Security Operations Center
About Prolexic Prolexic Technologies is the world s largest and most trusted provider of DDoS protection and mitigation services Prolexic has successfully stopped DDoS attacks for more than a decade Our global DDoS mitigation network and 24/7 security operations center (SOC) can stop even the largest attacks that exceed the capabilities of other DDoS mitigation service providers