It’s funny although sometimes the first way we do something might be the right way, we try to improve it to make it look shinier. Eventually we realize that the most obvious answer was actually the right answer, our original tactic.
The Risk DDoS Attacks Pose to Enterprises
What is the impact of a DDoS Attack?
Denial of Service attacks affect enterprises from all sectors (e-gaming, Banking, Government etc.), all sizes (mid/big enterprises) and all locations. They target the network layer up through the application layer, where attacks are more difficult to detect since they can easily get confused with legitimate traffic.
A denial of service attack generates high or low rate attack traffic exhausting computing resources of a target, therefore preventing legitimate users from accessing the website. A DDoS attack can always cause an outage, but often they have the stealth impact of slowing down network performance in way that enterprise IT teams do not even realize the network is under attack and simply think the network is congested, not knowing the congestion is actually caused by an attack.
As the saying goes in the real world, “necessity is the mother of invention.” However, those of us that work in the technology sector know that this isn’t always the starting point or source in our arena. There are volumes of cautionary tales and vast, virtual graveyards of “products looking for a problem to solve.” Often, these come about when vendors look across their technology portfolio and identify logical interactions that only they can see. Other times they occur through overzealous business development efforts, a sort of unfortunate “you got your chocolate in my peanut butter” scenario where the result tastes anything but sweet.
More and more organizations realize that DDoS threats should receive higher priority in their security planning. However, many still believe that the traditional security tools such as firewalls and Intrusion Prevention Systems (IPS) can help them deal with the DDoS threat. This post explains why organizations should not count on their firewall and IPS when it comes to mitigating DDoS attacks.