Verisign OpenHybrid™: An Essential New Approach to DDoS Protection

Distributed Denial of Service (DDoS) attacks are a threat to businesses worldwide and the attacks are getting larger and more sophisticated.  The industry’s approach to protecting against DDoS attacks must change, and change fundamentally, to stay ahead of this growing threat.

For too long, the problem has been tackled piecemeal, using isolated devices or services. But protecting against DDoS attacks increasingly requires communication and coordination between many components – from networking equipment, to specialized appliances and cloud-based services.

A shift in security architecture is needed to an open platform where devices and services from different vendors can share and act on information in concert. It must be a hybrid platform, allowing on-premise routers and security appliances to detect and mitigate attacks locally, while automating alerting and switchover to cloud-based services if an attack threatens to swamp the business’ network connection.

(more…)

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps On The Rise

Verisign just released its Q3 2014 DDoS Trends Report, which details observations and insights derived from distributed denial of service attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services from July through September of this year. Many notable observations were made, including a rise in the average number of attacks per customer, exploitation of the recently publicized SSDP vulnerability and some notable malicious code trends that will likely contribute to increased DDoS attack activity in the future.

(more…)

Verisign Mitigates 300 Gbps DDoS Attack and Other Q2 2014 DDoS Trends

It has been another busy quarter for the team that works on our DDoS Protection Services here at Verisign. As detailed in the recent release of our Q2 2014 DDoS Trends Report, from April to June of this year, we not only saw a jump in frequency and size of attacks against our customers, we witnessed the largest DDoS attack we’ve ever observed and mitigated – an attack over 300 Gbps against one of our Media and Entertainment customers.

(more…)

The Evolving Threat of Amplification DDoS Attacks

If there is one trend in the cybersecurity world over the last 12 to 18 months that cannot be ignored, it is the increasing prevalence and destructive power of amplification-based distributed denial of service (DDoS) attacks.

An amplification attack is a two-part DDoS attack that generally uses the User Datagram Protocol (UDP). An attacker first sends a large number of small requests to unsuspecting third-party servers on the internet. The attacker crafts these requests to result in large responses, but they are otherwise normal except that their source addresses are rewritten (spoofed) so they appear to have come from the victim instead of the attacker. When all the third-party servers send their large responses to the victim, the resulting amount of traffic is much more than the attacker could have generated alone. These attacks often overwhelm the resources of the victim, as attacks in the hundreds of gigabits per second (Gbps) are possible using this method.

(more…)

Introducing the Verisign Quarterly DDoS Trends Report

 Today, Verisign pleased to announce that Verisign is making its inaugural quarterly distributed denial of service (DDoS) trends report available. As the registry for .com and .net and a leading DDoS protection services provider, Verisign has a unique view into online attack trends that enables us to collect attack statistics and behavioral trends that help inform the future outlook for internet cybersecurity.

In our observations, working with customers and industry partners, we have seen DDoS attacks continue to grow in size and frequency over the last few years. Further, attackers have expanded their reach from traditionally enterprise and nation-state targets to include companies of all types and sizes. As attackers evolve their sophisticated techniques and attack vectors, companies that don’t have the major bandwidth or expertise to combat these attacks are at a major disadvantage.

(more…)

Almost Half of Companies Lack DDoS Response Plans

It’s tempting to see the threat of distributed denial of service (DDoS) as noise in the background of cybersecurity discussions, but don’t be fooled. Any risk to your critical web infrastructure can have a severe impact to your business, and given that the frequency, scale and sophistication of these types of attacks are increasing, the threat is very real.

(more…)

Joining Forces to Advance Protection Against the Growing Diversity of DDoS Attacks

You may have seen the news this morning that we have joined forces with Juniper Networks to provide a comprehensive, always on, DDoS solution. At Verisign, we focus on protecting companies from increasingly complex cyber threats, and this relationship should only raise the bar higher, as it will provide a different, more integrated approach than what’s used today, to help ensure faster and more efficient detection and mitigation.

(more…)

How Financial Institutions Can Up Their Game Against DDoS Attacks

With the ease of access to the internet and prevalence of social media today, unsuspecting computer users are making it easier than ever for malicious actors to target them with malcode. This trend has helped provide the perfect environment for Distributed Denial of Service (DDoS) attacks to grow in size, complexity and range of targets. Today’s attacks are not limited to web infrastructure; attackers are increasingly targeting the Domain Name System (DNS) infrastructure as well. This trend has been particularly noticeable in the financial industry, which has been hit hard over the last year.

(more…)

Tips to Protect E-Commerce Website Availability and Security During the Holidays

With the holiday shopping season quickly approaching, internet retailers are gearing up for an onslaught of web traffic – which is great, as long as they have the right measures in place to keep their customers safe and satisfied.

Even one hour of downtime due to a website outage or a malicious attack can have significant impact on a retailer’s reputation and revenue, especially during the holidays, a time which the National Retail Federation says can add up to 40 percent of an online retailer’s annual revenue. With some large e-commerce sites earning millions each day during the holiday season, even a few minutes of downtime can lead to financial losses in the tens of thousands of dollars, not to mention customer frustration.

(more…)

Cloud-Based DDoS Protection and Managed DNS Services Helping to Increase Operational Efficiency and Thwart Large Attacks

As businesses continue to move critical operations online, distributed denial of service (DDoS) attacks are increasing in frequency, sophistication and range of targets. In a 2011 Verisign study, 63 percent of respondents reported experiencing at least one attack that year, while 51 percent reported revenue loss as a result of downtime from the attack. Those numbers are undoubtedly higher today as the size, frequency and complexity of DDoS attacks continue to grow. Mitigation against these types of attacks is challenging and generally requires layered solutions across data centers and the cloud management. The success of these attacks and their ability to damage a company’s infrastructure, revenue and reputation is indicative that many IT managers still haven’t found the right protection formula to proactively mitigate them.

(more…)