Denial of service attacks up 22pc year-on-year

14 Mar 2011

There has been a 22pc increase in the number of distributed denial-of-service (DDoS) attacks, says Trustwave. The company’s Web Hacking Incident Database points to a lack of properly managed defences in businesses.

DDoS as an attack vector and notable trend for the second half of 2010 was successful in disrupting commerce and bringing down websites of large businesses and associations.

Denial of service attacks jumped to the No 1 attack vector, up 22pc, as compared to the first half of 2010. 

Website downtime is far from the traditional intended outcome of an attack, which is typically hacking for profit. As a result, most businesses were not equipped to handle such an attack because they had not tested, nor properly implemented, anti-automation defences for their web application architectures.

Our study found that most businesses wrongly assume that network hardware will stop DDoS attacks, or believe their website will not be targeted by such attacks.

But the increase in this attack vector proves that businesses, both large and small, should test their website limitations to better understand how their applications will respond to such an attack.

As the paradigm shifts from attacking the network to attacking the application, web application firewalls can help businesses monitor application performance metrics.

Attacks against Government agencies resulted in defacement in 26pc of attacks, while the finance sector experienced monetary loss in 64pc of attacks and retail was most affected by credit card leakage at 27pc.