Does your business host its website and other digital services with in-house servers? Do you use a DDoS mitigation appliance to detect malicious traffic and activate a cloud-based failover solution in the event of a DDoS attack?
If you answered "yes" to both questions, you should know that hackers have invented a new type of DDoS attack that could really ruin your day.
What Is a Pulse Wave DDoS Attack?
In August 2017, DDoS mitigation firm Incapsula identified a DDoS attack targeting one of its customers. The attack didn't fit the usual profile of DDoS attacks, which often take several minutes to reach their full traffic output due to the amount of time usually required to activate thousands of compromised computers and Internet appliances around the world.
This attack -- which Incapsula called a pulse wave DDoS attack -- reached its peak traffic output of 350 Gbps in seconds.
The attack continued in pulses, hitting the cloud network for brief moments before disappearing and returning again later. Incapsula noted that the sophistication of the attack suggested that hackers of great skill were behind it.
What Is the Purpose of Pulse Wave DDoS Attacks?
Following a successful DDoS attack, it may take the owners of a victimized network several hours to restore all services. The network is completely inaccessible, though, only while the attack is taking place. Because a traditional DDoS attack can take several minutes to reach its full throughput, changing targets is also a slow process.
The perpetrators of the pulse wave DDoS attack have demonstrated that, with more sophisticated methods, it is possible to mobilize the full strength of a botnet in seconds rather than minutes. By changing targets rapidly, the perpetrators of a pulse wave DDoS attack can effectively attack several targets simultaneously. Before a victimized network can fully recover from one attack wave, the next wave begins.
Pulse Wave DDoS Attacks Break Hybrid Mitigation Strategies
The traditional hybrid DDoS mitigation strategy relies on an appliance that acts as a gatekeeper to the inner sanctum of a business's online services. The appliance scans all incoming traffic for the signs of a DDoS attack.
If an attack occurs, the appliance automatically routes all traffic to a cloud-based traffic scrubbing service. The traffic scrubbing service rejects the DDoS traffic and sends legitimate traffic back to the business. The business's services remain online, and the cloud bears the brunt of the DDoS attack.
Hybrid DDoS mitigation works because a traditional DDoS attack takes several minutes to reach its peak network throughput. By the time the attack ramps up, the mitigation appliance has already detected the illegitimate traffic and activated the cloud-based failover solution.
With a pulse wave DDoS attack, though, a DDoS mitigation appliance doesn't have enough time to analyze the traffic and activate the failover. The attack immediately overwhelms the appliance and prevents it from connecting to the cloud service.
Since the attack effectively cuts off the business's ability to communicate with the outside world, there is no recourse except to wait for the attack to end.
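The race described above can be put into a small timing model. This is an added example, not code from Incapsula or from this article; the 10 Gbps link, 1 Gbps detection threshold, 20-second analysis window and linear ramp are constructed assumptions, and only the 350 Gbps peak comes from the text.

```python
# Added illustration: timing model of hybrid DDoS mitigation.
# All capacities, thresholds and windows below are constructed assumptions.

def attack_gbps(t, peak_gbps, ramp_s):
    """Attack traffic during second t, ramping linearly to peak over ramp_s seconds."""
    return min(peak_gbps, peak_gbps * (t + 1) / max(ramp_s, 1))

def simulate_hybrid(peak_gbps, ramp_s, link_gbps=10, detect_gbps=1,
                    analysis_s=20, duration_s=900):
    """Race an on-premises appliance against link saturation.

    The appliance must see traffic at or above detect_gbps for analysis_s
    consecutive seconds before it can signal the cloud scrubbing service,
    and that signal needs the same Internet link the attack is filling.
    Returns (outcome, second).
    """
    above = 0
    for t in range(duration_s):
        rate = attack_gbps(t, peak_gbps, ramp_s)
        if rate >= link_gbps:
            return ("link_saturated", t)      # appliance is cut off from the cloud
        above = above + 1 if rate >= detect_gbps else 0
        if above >= analysis_s:
            return ("failover_activated", t)  # traffic rerouted in time
    return ("no_action", duration_s)

def min_survivable_ramp(peak_gbps, max_ramp_s=900, **kwargs):
    """Shortest ramp-up time (seconds) at which the appliance still wins the race."""
    for ramp_s in range(1, max_ramp_s + 1):
        if simulate_hybrid(peak_gbps, ramp_s, **kwargs)[0] == "failover_activated":
            return ramp_s
    return None

if __name__ == "__main__":
    print("5-minute ramp to 40 Gbps:", simulate_hybrid(40, 300))
    print("5-second ramp to 350 Gbps:", simulate_hybrid(350, 5))
    print("shortest survivable ramp at 40 Gbps:", min_survivable_ramp(40), "s")
```

Under these assumptions the appliance only wins when the ramp lasts well over a minute; anything that peaks in seconds saturates the link before the analysis window closes.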
How a Cloud-First Solution Mitigates Pulse Wave DDoS Attacks
The best way to prevent a pulse wave DDoS attack from affecting your business is with a cloud-first mitigation strategy.
If you aren't using an in-house DDoS mitigation appliance, you no longer depend on your business's Internet connection having enough bandwidth to weather the attack until the failover solution activates.
With a cloud-first mitigation strategy, the cloud service provider -- rather than your own DDoS mitigation appliance -- acts as the gatekeeper to your network and automatically rejects fraudulent traffic when a DDoS attack occurs. Since a cloud-based DDoS mitigation solution is always available, there's no need to worry that a DDoS attack could compromise your business's Internet connection before you can activate your failover solution.
The new pulse wave DDoS attack strategy effectively subverts one of the most common methods of DDoS mitigation, illustrating that the fight against cybercrime never truly ends.
Your business needs to remain abreast of security trends and proactively adopt new solutions before emerging threats can strike. One of the greatest benefits of cloud-based DDoS mitigation is that it isn't something you need to think about.
You've got someone in your corner defending your business against cyber criminals so you can focus on the more important job of serving your customers.