DDoS attacks: businesses in all sectors are vulnerable

From 50 to 300 Gbps in one year

When it comes to cybercrime, there are probably as many scenarios as there are criminals. With DDoS (distributed denial-of-service), the real surprise is the exponential growth of attacks targeting both companies and individuals. “If the average volume of requests sent simultaneously was 50 Gbps in 2020, it has now increased to 300 Gbps. We’re talking about 60 million packets per second during an attack. Suffice to say that no classic protection can counter such an attack,” says Mounir Senhaji, Security Consultant and DDoS specialist at Proximus.

Storming of IT infrastructure

The result of a successful attack is server bandwidth saturation or even system resource exhaustion. Effective protection against these attacks requires a solution capable of mitigating attacks at the level of the Internet provider. This also needs to be complemented with an on-site solution capable of blocking application attacks.

Patterns

Thimo De Souter, Security Specialist at the Proximus partner Davinsi Labs, notes several reasons for these attacks: “Financial motivation, of course, with ransomware. The objective can also be the destabilization of a competitor. I would even say an attack could be a demonstration of ideological or political beliefs, in digital form. At exam times, you can also see an increase in DDoS attacks carried out by bored students.”

“We are even witnessing the worrying emergence of illegal as-a-service solutions that allow anyone to trigger a DDoS attack,” says Senhaji.

If all organizations are targeted, the largest structures often have to deal with the most sophisticated cybercriminals.

Mounir Senhaji - Security Consultant and DDoS Specialist at Proximus.

All economic sectors

The rise of remote working is a dream come true for cybercriminals. More connections mean a greater risk of breaches. According to Senhaji, no sector is spared. “Banks, of course, but the health sector, retail, and education have all been hit hard. The attacks have more and more impact and follow a well-established playbook. The watchword is anticipation, and of course we support companies with tailor-made solutions.”

Analyze, configure, and test

Technically, DDoS can be controlled upstream. De Souter offers a step-by-step plan. “Map existing infrastructure and remove any obsolete or unused systems exposed to the Internet. Critical systems must then be analyzed to determine the protection budget you need to allocate to them. Last but not least, test the anti-DDOS configurations using, for example, the simulation tool from Davinsi Labs.”

“Cloud and on-site anti-DDoS solutions have their advantages and limitations. They complement each other. DDoS is a matter of time, regular testing and long-term maintenance,” adds Senhaji.

Real-time simulation

“If all organizations are targeted, the largest structures often have to deal with the most sophisticated cybercriminals.” There’s nothing like a simulation to prepare you. “After the infrastructure test, we can also run more targeted tests: the VPN server or the home page of an e-commerce site for example. The simulator searches for vulnerablilities, just as the criminal would. We then formulate a simulation proposal based on an attack on the volumetric or application layer,” explains De Souter.

Effective (and sometimes surprising) results

Thanks to the dashboard, the customer can follow a simulated attack in real time. “The final report gives a precise overview of the vulnerabilities and the measures that need to be taken. The goal is for the client to become aware of their situation. Our experience shows that even organizations that are already protected can be surprised by the results and the fragility of their position. A poor configuration or too small a perimeter is often the root of the problem,” says De Souter.