Menu

Blog

Make sure your DDoS Mitigation Solution is resilient to all DDoS attack vectors

Make sure your DDoS Mitigation Solution is resilient to all DDoS attack vectors

DDoS Attacks on rise

In February 2019 a new type of botnet attack called Cayosin hit DDoS defences around the globe. Cayosin was assembled from elements of Mirai, Qbot and other malware. The intriguing factor was that Social Media like YouTube & Instagram but not the dark web, was used to advertise Cayosin as a DDoS Service. New research from Kaspersky, DDoS attacks in Q1 2019, show that all DDoS attack statistics increased during the last quarter, for example:

  • The total number of attacks climbed by 84%
  • The number of attacks which had a duration of over 60 minutes during Q1 doubled
  • Segment of extremely long attacks posted a massive 487% growth
  • It can be concluded that many new and smart versions of updated older Botnets were found to have brought the systems down

With data like the above, how can you ensure that the DDoS Mitigation Solution you have deployed is resilient enough to tackle any kind of new or existing DDoS attack vector?

DDoS Mitigation Gaps

When relying on a DDoS Mitigation Solution, one should remember that unlike other automated security devices e.g. Firewalls, IPS etc. DDoS Mitigation must be manually configured and fine-tuned to protect your online network from DDoS attacks. It can also be noted that a pre-configured Mitigation Solution is continuously challenged by

  • Misconfigured DDoS mitigation policies
  • Changes to the production environment
  • New and Improved attack vectors

The above 3 points can create DDoS Mitigation Gaps that need a proactive approach to detect, fix and close.

The DDoS Radar®

Acts as a detector to continuously 24/7 identify DDoS Mitigation Gaps. It then alerts the companies with a user-friendly report, to proactively work with the Mitigation Vendor to fix DDoS mitigation gaps identified (Figure 1) . DDoS Radar® goes beyond the hassles and limitations of traditional DDoS Penetration Testing. The DDoS Radar® proactively ensures that your DDoS Mitigation Solution always works for you. The only way to accomplish this level of protection without disrupting your ongoing business operations, is with the DDoS Radar®.

# Attack Type Target Sent Recieved Results* Profile
53 PSH-RST-FIN-FLood 88.202.***.*** 460,935kbps 0kbps PARTIAL PASS CPE_F5
54 DNS Response 88.202.***.*** 13,547kbps 13,511kbps FAIL CPE_F5
55 DNS 88.202.***.*** 12,214kbps 8,100kbps FAIL CPE_F5
56 DNS Response 88.202.***.*** 13,502kbps 13,476kbps FAIL CPE_F5
57 HULK Test 88.202.***.*** 3cps 2cps PARTIAL PASS CPE_F5
58 Empty Connection Flood(F) 88.202.***.*** 11.413cps 5,329cps FAIL CPE_F5
59 DNS Response 88.202.***.*** 14,308pps 14,215pps FAIL CPE_F5
60 DNS SEC 88.202.***.*** 12,134pps 7,815pps FAIL CPE_F5

Figure 1: Snippet of DDoS Radar Report. IP Addresses have been blinded for security purpose.

The DDoS Radar is an essential component of any DDoS Mitigation Solution and ensures your DDoS Defences are working against new and existing DDoS Attacks 24/7.

Register today for the webinar to know how DDoS Radar® can bring down the industry average DDoS risk (48%) to levels of 2% and under.

Please contact us at sales@caretower.com or call us on 0208 372 100

Make sure your DDoS Mitigation Solution is resilient to all DDoS attack vectors

Sign up for our Newsletter

* Denotes a required field.