As DDoS attacks continue to rise, Power Admin takes a look at the stats and what can be done to help prevent such attacks damaging your business in 2014 “DDoS attacks should be a top security concern for organizations in the public and private sector in 2014” “Expect future campaigns to be even more extensive and to last for extended periods. Organizations, particularly those that operate or have interests in industries that are already prime targets, such as financial services and energy, need to ask themselves, ‘Can we be resilient against a DDoS attack?’” - John N. Stewart, senior vice president and chief security officer at Cisco. Attacks rose by 32.43% in 20132 The volume of attacks increased, with 10 out of the 12 months showing higher volume than the same months in 2012 Mobile apps and devices began to participate in DDoS attacks Attacks were most likely to originate in Asian countries Anyone that can rent a botnet can perform a DDoS attack Smaller scale attacks are on the increase Read More - http://www.slideshare.net/poweradmin/the-business-case-for-ddos-protection2 References: http://www.esecurityplanet.com/network-security/5-tips-for-fighting-ddos-attacks.html http://ddos-protection-services-review.toptenreviews.com/ http://www.cloudflare.com/ddos http://www.itbusinessedge.com/slideshows/show.aspx?c=96534 The Growing Threat of Application Layer DDoS Attacks http://www.us-cert.gov/ncas/alerts/TA14-013A http://en.nsfocus.com/2014/news_0326/166.html http://www.cisco.com/c/en/us/products/collateral/security/traffic-anomaly-detector-xt-5600a/prod_white_paper0900aecd8011e927.html

1. As DDoS attacks continue to
rise, Power Admin takes a look at
the stats and what can be done to
help prevent such attacks
damaging your business in 2014
The Business case for DDoS protection

2. John N. Stewart, senior vice president and
chief security officer at Cisco:
“DDoS attacks should be a top security concern for organizations
in the public and private sector in 2014”
“Expect future campaigns to be even more extensive and to last
for extended periods. Organizations, particularly those that
operate or have interests in industries that are already prime
targets, such as financial services and energy, need to ask
themselves, ‘Can we be resilient against a DDoS attack?’”
Cisco 2014 Annual Security Report

3. DDOS LANDSCAPE IN 2013
Attacks rose by 32.43% in 20132
The volume of attacks increased, with 10 out of the 12 months
showing higher volume than the same months in 2012
Mobile apps and devices began to participate in DDoS attacks
Attacks were most likely to originate in Asian countries
Anyone that can rent a botnet can perform a DDoS attack
Smaller scale attacks are on the increase

4. The major reason for committing a
DDoS attack in 2013 was political
Source: NSFocus3

5. Banks are the biggest target, followed by
government and enterprise
Source: NSFocus3

6. 93.2% of attacks last less than 30 minutes and
80.1% don’t surpass a traffic rate of 50Mbps
Source: NSFOCUS

7. Anti-spam firm Spamhaus suffered the biggest
DDoS attack in history in 2013
Don’t be next!
1

8. Application layer threats are on the rise, with
smaller, more stealthy attacks being carried out more
frequently
Source: The Growing Threat of Application Layer DDoS Attacks – Arbor Networks

9. For large sites, consider further investment into
cloud mitigation services, these generally have:
• Specialist expertise in network
engineering and the latest
techniques employed by attackers
• Lots of bandwidth to help route
traffic for high volume attacks
• Lots of different mitigation
hardware and multiple filtering
layers
Invest in
the cloud

10. The winner in Top Ten Reviews for the best DDoS protection is Incapsula, which provides:
• Distributed network of data centers which cache site data
• Always-on service
• 24/7 support
• Prevents damage from a DDoS attack without the need to alter
hardware, software or website code

11. Even the biggest networks can be affected if targeted by a large scale attack.
Cloudflare’s European network suffered an attack in January 2014 which was the result
of one unnamed customer being targeted. The attack tipped the scales at 400 Gbps
Source: IT News Australia
Matthew Price, Cloudfare chief executive: “Someone's got a
big, new cannon" the attack was the "start of ugly things to
come".

12. CLOUDFLARE SUFFERED A NTP ATTACK:
According to US-CERT:
‘A Network Time Protocol (NTP) Amplification attack is an emerging form of
Distributed Denial of Service (DDoS) that relies on the use of publically
accessible NTP servers to overwhelm a victim system with UDP traffic.’
TO OVERCOME AN ATTACK OF THIS NATURE:
“…upgrade all versions of ntpd that are
publically accessible to at least 4.2.7”

13. http://www.esecurityplanet.com/network-security/5-tips-for-fighting-ddos-attacks.html
http://ddos-protection-services-review.toptenreviews.com/
http://www.cloudflare.com/ddos
http://www.itbusinessedge.com/slideshows/show.aspx?c=96534
The Growing Threat of Application Layer DDoS Attacks
http://www.us-cert.gov/ncas/alerts/TA14-013A
http://en.nsfocus.com/2014/news_0326/166.html
http://www.cisco.com/c/en/us/products/collateral/security/traffic-anomaly-detector-xt-
5600a/prod_white_paper0900aecd8011e927.html