Distributed denial-of-service (DDoS) started out as an inconvenience: They were a roadblock that kept customers from getting at systems.
That’s bad enough. Keeping availability away from customers via DDoS can have a painful impact on businesses as they find their doors blocked to customers, keeping them from making transactions.
But over the years, DDoS attacks have evolved regarding level of sophistication, metrics and the techniques that threat actors employ.
According to Peter Klimek, director of technology in the office of the CTO at Imperva, DDoS attacks have blossomed into what he calls a huge business for cybercriminals. “Looking at it from a business perspective, that’s really the big impact and are why businesses should start considering DDoSes as “a consistent and persistent threat.”
“As a whole, there’s really a low barrier to entry in order to actually perform the [DDoS] attack itself,” he said. “And there’s a high capacity for damage or a high potential for it leading to damage.”
Take the services known as booters, aka stressors: “They can be had and used for as little as the price of a cup of coffee,” Klimek observed, and “Even a small scale DDoS attack can cause disruption.”
Because of the low technical acumen that’s required to launch lower-scale attacks, a poorly defended network can be taken down “for as little as a hundred dollars.”
Klimek visited the Threatpost podcast recently to discuss the evolution of DDoSes and other trends that he and his team have unearthed.
Listen to the full podcast below, or download it directly here.
It’s time to evolve threat hunting into a pursuit of adversaries. JOIN Threatpost and Cybersixgill for Threat Hunting to Catch Adversaries, Not Just Stop Attacks and get a guided tour of the dark web and learn how to track threat actors before their next attack. REGISTER NOW for the LIVE discussion on September 22 at 2 PM EST with Cybersixgill’s Sumukh Tendulkar and Edan Cohen, along with researcher and vCISO Chris Roberts and Threatpost host Becky Bracken.