It is not a surprise that internet service providers (ISPs) have become top targets for DDoS attacks because a network shutdown directly impacts customers using those services daily.
Hence, the prime goal of DDoS attackers is to render ISP services inaccessible for an extended period of time. For the ISPs, the longer the DDoS mitigation solution takes to find a fix, the higher the disruption and damage.
Do attackers prefer attacking bigger ISPs?
With this in mind, DDoS attackers like to target larger ISPs, since doing so disrupts the state bodies, scientific institutions, academic infrastructure, and other key bodies of a country. However, attacking smaller ISPs is equally lucrative: they have less bandwidth, are more vulnerable, and are therefore easy targets.
Among recent DDoS attacks, including those of the last two years, several are worth noting. DDoS attackers targeted the largest ISP in Belgium and numerous small-scale ISPs in the Republic of Ireland as well as Northern Ireland and the Netherlands.
Both events adversely affected users' experience. Users suffered from poor service, and small and medium business owners as well as large businesses and organizations suffered losses and damages.
The case of Belnet – what happened to it?
Belnet is a government-funded internet service provider for Belgium, especially its educational institutions, research centers, scientific institutes and government bodies as well as state services.
The company became the victim of a damaging DDoS attack last year, which took down the websites of more than 200 organizations across the country. According to the Brussels Times, the attack was prolonged and stopped only after a long time.
Dirk Haex, Technical Director at Belnet, revealed that the attack's perpetrators were constantly changing their strategies and tactics. This made countering and neutralizing the attack more difficult.
Attackers targeted ISPs in the Republic of Ireland – what to learn from it?
Another series of DDoS attacks took place in the Republic of Ireland, where numerous Irish ISPs were knocked down by DDoS attackers who demanded ransom in Bitcoin payments. A leading Irish newspaper mentioned that authorities were aware of the ongoing DDoS attacks as well as the ransom demands.
But they were hesitant to address the issue publicly. They feared it could be confused with the ransomware attacks that hurt the services of the Health Service Executive (HSE), the leading state healthcare services provider in the country.
The interim CEO of the Internet Neutral Exchange Association, Eileen Gallagher, stated that a certain number of internet service provider networks of varying sizes and scales were taken down by DDoS attackers. They were targeted intermittently with DDoS attacks for weeks.
Why were companies unable to block DDoS attacks, and why did they continue to suffer from them?
Despite the fact that organizations deployed top-of-the-line DDoS attack mitigation systems, damaging DDoS attacks are still happening, and are bringing down both systems and organizations!
Many cybersecurity companies have used the tag "Cheap DDoS Protection", but only a handful were able to provide top-of-the-line protection at competitive prices. Even those who charged a premium have fared badly too.
Does DDoS attack mitigation software require manual configuration?
A lot of DDoS mitigation systems are well designed and built to stop DDoS attacks right in their tracks. However, many of them require manual configuration, which often happens only after an attack has taken place instead of before it. Additionally, DDoS attacks today are smarter, faster, and more complex to identify and stop.
A DDoS attack mitigation solution is configured to block identified vectors, but it lacks the ability to reconfigure itself automatically in real time to block new variants of DDoS attack vectors. As a consequence, the inefficiency of such a solution widens the DDoS mitigation gap, and attacks successfully bypass the systems, causing potentially damaging downtime.
This is the reason numerous companies suffer a lot of downtime and related issues from DDoS attacks as the DDoS posture of such software is hardly complete.
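The mitigation gap described above, as an added example that is not part of the original article: a short Python check that compares high-volume traffic vectors seen on the network against a static block list and reports the ones no rule covers. The rule set, flow samples, window size and threshold are constructed assumptions.

```python
from collections import defaultdict

# Hypothetical static mitigation config: (protocol, source port) vectors already blocked.
CONFIGURED_RULES = {("udp", 53), ("udp", 123)}

# Constructed flow samples: (timestamp in seconds, protocol, source port, packets).
FLOWS = [
    (2, "udp", 53, 90_000), (7, "udp", 53, 110_000),      # window 0: DNS reflection
    (4, "tcp", 443, 3_000),                                # normal web traffic
    (12, "udp", 123, 150_000), (18, "udp", 123, 50_000),  # window 10: NTP reflection
    (15, "tcp", 443, 2_500),
    (21, "udp", 389, 120_000), (26, "udp", 389, 80_000),  # window 20: CLDAP, no rule
    (24, "tcp", 443, 3_500),
]

def vector_rates(flows, window_s):
    """Sum packets per (window start, vector) and convert to packets per second."""
    totals = defaultdict(int)
    for ts, proto, sport, packets in flows:
        window = ts - ts % window_s
        totals[(window, (proto, sport))] += packets
    return {key: count / window_s for key, count in totals.items()}

def mitigation_gaps(flows, rules, window_s=10, threshold_pps=5_000):
    """Return every above-threshold vector per window, marked covered or GAP."""
    report = []
    for (window, vector), pps in sorted(vector_rates(flows, window_s).items()):
        if pps < threshold_pps:
            continue  # below the alerting threshold: treated as normal traffic
        status = "covered" if vector in rules else "GAP"
        report.append((window, vector, pps, status))
    return report

def uncovered(report):
    """Vectors that exceeded the threshold with no matching rule."""
    return [(w, v) for w, v, _, s in report if s == "GAP"]

if __name__ == "__main__":
    for window, vector, pps, status in mitigation_gaps(FLOWS, CONFIGURED_RULES):
        print(f"t={window:>2}s {vector[0]}/{vector[1]:<5} {pps:>8.0f} pps  {status}")
```

In the sample data the attack shifts vector every ten seconds; the first two shifts hit existing rules, while the third stays unblocked until someone adds a rule for it.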
What may be the recommended solution?
Companies need real-time visibility of their networks so they can close the vulnerabilities and gaps before attackers can exploit them. But companies often lack insight into the points that are vulnerable to a DDoS attack, and so they are unlikely to be able to block one.