DDoS: 'The New Normal'

New Research from Prolexic Finds More Sectors Targeted

By , March 11, 2013.
DDoS: 'The New Normal'
 

Listen Now

Read Transcript

Prolexic's CEO Scott Hammack says battling distributed-denial-of-service attacks has become part of everyday business. And during this in-depth interview, he explains why.

When it comes to DDoS attacks, Hammack says, "Anyone can get hit." And nation states and criminal actors will continue to use technology-driven methods to attack leading organizations in the Western world, he predicts.

"I think it is a new normal," he says during an interview with BankInfoSecurity.

DDoS attacks waged against U.S. banking institutions and other global organizations last month were the largest that Internet researchers have ever tracked, Hammack says. And it's not just the U.S. banking sector that's suffering.

In Prolexic's quarterly DDoS report, released April 17, the company notes that global DDoS attacks are increasing across numerous sectors.

"We see so many of these attacks across so many different verticals," he says. "Recently, the energy sector has been attacked as well. And it's not just in the U.S. These attacks are occurring worldwide."

Attackers More Brazen

Until early 2012, DDoS attacks usually were waged from home-based PCs that had been compromised by bots, Hammack says. Today, these attacks are being launched from compromised Web servers, and that has enabled the attackers to push attacks of increasing volume that can be redirected nearly instantaneously, he explains.

"What we've seen with the latest attacks is more of a push technology," he says. "The attackers are brazen enough to launch instructions to those servers, telling those servers in real time to attack. And the servers can allow them to change their vectors in minutes."

The average bandwidth consumed during last month's global attacks jumped from about 6 gigabytes at the end of last year to about 48 gigabytes, according to Prolexic.

"The trend is alarming," Hammack says. "No one can withstand that kind of traffic. That's enough to overwhelm any company."

During this interview, Hammack discusses:

  • How organizations and DDoS-mitigation providers are altering their strategies to mitigate online outages;
  • How attackers have exploited Internet security precautions, such as SSL, to their advantage during attacks;
  • Why these attacks cannot be stopped.

Hammack joined Prolexic in 2011. He most recently served as CEO of e-dmz, which was acquired by Quest Software in 2011, and was CEO of Cyberguard Corp., which was acquired by Secure Computing in 2004. Before Cyberguard, Hammack was the CEO of MasterChart Inc., which was purchased by Allscripts in 2001.

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Obama Unveils Cyber Training Initiative

President Obama, in announcing the TechHire program, outlines a plan to help employers fill more...

Latest Tweets and Mentions

ARTICLE Obama Unveils Cyber Training Initiative

President Obama, in announcing the TechHire program, outlines a plan to help employers fill more...

The ISMG Network