Market Landscape: The Botnet Ecosystem

Launching a DDoS attack is much more accessible to attackers thanks to the rise of cloud computing, cheap hosting, readily available bandwidth and open-source attack tools. From low-skilled teenagers aiming to cheat while playing online games to cybercriminals looking to supplement their income by renting out their botnets for opportunistic attacks, the DDoS-for-hire market is booming.

The Botnet Ecosystem 

Botnets utilized in DDoS attacks vary greatly in size and potency, from as small as a dozen compromised computers to as large as over one million devices. For example, a recent DNS-based DDoS attack that caused significant portions of the east coast of the United States to experience connectivity issues to certain websites involved a flood of malicious requests from up to 100,000 malicious endpoints. Botnets are comprised of computers, smartphones, servers, routers, printers and even IoT devices like networked refrigerators. With more devices continuously connected to the internet, the available pool of devices that could be used as botnets has increased. Attackers can now rapidly identify and leverage thousands of compromised devices and harness their bandwidth to launch DDoS attacks that can overwhelm even the most prepared networks.

Mitigating DDoS Attacks by Botnets 

Download the Verisign DDoS Trends Report for an in-depth look at trends in DDoS attacks.

Because most DDoS-for-hire services frequently share similar characteristics, identifying popular DDoS techniques can help companies mitigate and defend against a variety of DDoS attacks. However, there still is a human element involved. Since most DDoS attacks are concerted efforts by live attackers to bring down a network, many of the attacks start out as one type of attack, but then morph into something new or different. Consequently, organizations need to have access to a high level of expertise and experience in combatting these complex hybrid DDoS attacks. Having a solution that includes monitoring of traffic behavior, the ability to defend against not only network, but also application layer attacks, and the flexibility to transfer large attack traffic to a cloud-based DDoS provider can help to alleviate dangerous threats and costly attacks.

For more on trends in DDoS attack and mitigation, download the quarterly Verisign DDoS Trends Report.


Michael Kaczmarek

Vice President, Product and Marketing Michael Kaczmarek heads product management and marketing for Verisign’s Security Services product suite. He is responsible for developing the vision, strategies, and tactics for the successful launch and expansion of products into new and existing markets. Michael has been with Verisign for more than 16 years and has served in various capacities including director of... Read More →