The State of Cybersecurity: The DDoS Threat

Feb. 2, 2023
Almost anyone (even novice hackers) can hire a malicious actor or download the tools and aim it against a network or an individual organization.

Last week we launched our article series on DDoS protection in a connected world. This week we'll outline the state of cybersecurity and DDoS.

As we look at the digital landscape, we quickly see that data is growing in proportion to how much it’s worth to the bad guys. According to Cisco, the current market around cybercrime ranges between $450 billion to $1 trillion per year, and further estimates expect this number to increase. How do the bad guys keep making this kind of money? Simple. Hackers, cybercriminals, hacktivists, and nation- states have learned to monetize their opportunities. While researching the Dark Web, researchers were able to find out how much your data is worth.

And they learned what it costs to do things like DDoS-as-a-Service:

  • Social Security Number: $1
  • DDoS as a Service: A DDoS attack service typically ranges between $7-$25 an hour. However, depending on the target and size, prices are highly variable. A DDoS attack can cost from $5 for a 300-second attack to $400 for 24 hours or more.
  • Medical Records: >$50
  • Credit Card Data: $0.25 - $60
  • Bank Account Info: >$1,000 (Depending on the type of account and balance)
  • Mobile Malware: $150
  • Malware Development: $2,500 (commercial malware)
  • Spam: $50 for about 500k emails (depending on the number of emails and destination)
  • Custom Exploits: $100k – $300k
  • Facebook Account: $1 for an account with at least 15 friends

Almost anyone (even novice hackers) can hire a malicious actor or download the tools and aim it against a network or an individual organization.

However, beyond script kiddies who can deploy simple DDoS attacks, the current security state is far more complex. New attacks aim to go beyond traditional means of disrupting a network via DDoS. For example, a recent Google Cloud customer was targeted with a series of HTTPS DDoS attacks, which peaked at 46 million requests per second.

To shed some perspective, this was the largest Layer 7 DDoS attack to date. And it was at least 76% more significant than any previously reported Layer 7 DDoS attack.

Here’s why these types of attacks are so challenging to overcome. Not only was there a very high volume of traffic, but there were also more than 5000 source IPs from over 130 countries. The attack leveraged encrypted requests (HTTPS), which would have taken added computing resources to generate.

To overcome this attack, Google had to go to the edges of its network. To support their customer, they needed to detect the DDoS attack early in its life cycle, analyze its incoming traffic, and generate an alert with a recommended protective rule–all before the attack ramped up.

New Security Threats are Real. Hope is Not a Good Strategy

In a world where slow is the new down, we must move away from hope to implementing actual strategies around protection.

From a data center provider’s perspective, these attacks are dangerous. The challenge becomes the multiple threat vectors that emerge from a DDoS attack. Outside of the infrastructure damage, the damage to business and the client base may be even worse. Data center colocation providers must ensure the safety of their telecommunications and network operations.

Maintaining constant connectivity is paramount to a business’s success as a critical infrastructure industry. However, with new DDoS threats, ensuring uptime becomes more challenging.

It’s important to note that specialized DDoS protection systems provide enhanced protection.

Although we’ll cover this later in our article series, it’s important to note that specialized DDoS protection systems provide enhanced protection. This is specifically true when enabling techniques to mitigate these attacks, such as actionable (large-scale) threat lists pulling from multiple threat databases, traffic anomaly inspection, finding traffic baseline violations, using artificial intelligence (AI) and machine learning (ML), and more.

Download the entire special report, The Security Gap: DDoS Protection in a Connected World, featuring A10, to learn more. In our next article, we'll focus on you, the data center operator, and how DDoS impacts the daily lives of data center professionals.

About the Author

Bill Kleyman

Bill Kleyman is a veteran, enthusiastic technologist with experience in data center design, management and deployment. Bill is currently a freelance analyst, speaker, and author for some of our industry's leading publications.

Sponsored Recommendations

Optimizing AI Infrastructure: The Critical Role of Liquid Cooling

In this executive brief, we discuss the growing need for liquid cooling in data centers due to the increasing power demands of AI and high-performance computing. Discover how ...

AI-Driven Data Centers: Revolutionizing Decarbonization Strategies

AI hype has put data centers in the spotlight, sparking concerns over energy use—but they’re also key to a greener future. With renewable power and cutting-edge cooling, data ...

Bending the Energy Curve: Decoupling Digitalization Trends from Data Center Energy Growth

After a decade of stability, data center energy consumption is now set to surge—but can we change the trajectory? Discover how small efficiency gains could cut energy growth by...

AI Reference Designs to Enable Adoption: A Collaboration Between Schneider Electric and NVIDIA

Traditional data center power, cooling, and racks aren’t sufficient for GPU-based servers arranged in high-density AI clusters...

Courtesy of Stream Data Centers
Image courtesy of Stream Data Centers

The Rise of the “Fake” Data Center Developer — And How to Tell the Difference

Stream Data Centers’ Co-Managing Partners expand on the problem of “fake” data center developers and explain how investors and end users can separate the wheat from the chaff....

White Papers

Dcf Venyu Wp Cover 2021 07 12 7 15 51 233x300

The Business Case for Data Center Geo Diversity

July 13, 2022
Geo diversity, or shortening the distance that your data travels, will allow you to reaching your user bases more effectively, and create better customer experiences. This white...