Ad Here  
2012 – year of the DDOS Tablets for all... Maintaining Data Privacy Shop with a click Explosive expansion... Your privacy – Government’s business! … and they are back again… Wave 3 Moving towards BYOT… Clipping the butterfly’s wings Riding the Data Wave Untapped segments... Steering technology through SMS ICT – crystal ball gazing In the age of technological disruption... Sustainability and technology – the Grundfos thrust Sholinganallur to Siruseri Net access through balloons... PM favours GM technology A heavyweight in space tech Cost effective services and better network control Why this anti-science stance? Take a bite of Google’s KitKat Android app to help paralysed people The real hero in India’s battle against black money Free the NET... India Innovates More Smartphones to surface! When the setting itself becomes the protagonist The case of Insider Fraud Financial transactions of the future… Living with it... “PhoneSat”, successfully launched Money in a minute! Who bit Whom? Voyage to the red planet In a connected world...
2012 – year of the DDOS
What does it cost an organisation that is suffering downtime of their critical operations or client-facing services. 26 per cent of those who were surveyed by Neustar put it at between $50K and $100K per hour while the rest 74 per cent put it at between $10K and $50K per hour.
I AM NOT the only one to be guilty of focusing on DDOS almost throughout the second half of 2012 and first quarter of 2013; many others too did so. The trigger for this piece and the motivation for the title is a recent research report published by Neustar with the title: Hope is Not a Strategy. How very well this title tells about the one important lesson to those who manage or mismanage networks! Reviewing 2012 in the context of reported DDOS this research summarises the position: “in comparing threats to readiness, the answers aren’t encouraging.”

Are they have mere nuisance value?

Are these DDOS attacks that serious to warrant repeated attention and serious efforts to counter them? Are they not mere nuisance value? Will they not stop after a few hours of down time? Yes, but let us understand what this translates into business and monetary terms. Multiple estimates are available on what does it cost an organisation that is suffering downtime of their critical operations or client-facing services. 26 per cent of those who were surveyed by Neustar put it at between $50K and $100K per hour while the rest 74 per cent put it at between $10K and $50K per hour.
Understandably, the telecom sector had the largest number of respondents putting a higher $-value to the loss occasioned by non-availability of services. CNBC reported recently that during the early part of 2013, US banks that were the primary targets of DDOS attacks and reported being offline for at least 249 hours. At a conservative estimate of $ 50K per hour, these banks lost close to $12.5 million by just being off-line. Before we are relieved that the losses are in the manageable bracket, a couple of caveats need to be considered. Firstly, 2013 saw less intense DDOS attacks on banks compared to 2012 since the banking sector had quickly put in place a whole range of counter measures and whipped up internal discipline and user awareness. Secondly, the loss that we have computed is just the lost revenue from operations and does not include any numbers for loss of brand equity, eroded customer trust, cost of repairing and remedying the systems, etc.

Customer frustration...

An ITES CEO pointed to me another dimension of this problem. He was talking of the customer panic and clogging the call centre lines resulting in longer wait times resulting in customer frustration. He told me that the standard question that is asked first relates to his credit card and on-line banking credentials: Can you assure me that my card is not compromised and no one has taken money from my account? Whenever an attack had resulted in downtime of the website or the network traffic had slowed down, customers relate their on-line account and credit cards to ‘every’ kind of issue that crops up in the customer interface.

E-commerce businesses appear to be more vulnerable. 12 per cent of the e-commerce businesses that experienced downtime reported that their average loss during downtime exceeded $100K per hour while the average downtime reported was at par with the pattern seen by their brick-and-mortar counterpart. 38 per cent of e-commerce businesses estimated that their average downtime due to DDOS attacks was greater than 24 hours and the corresponding figure to hybrid businesses – conventional and electronic coexisting, was 36 per cent.

As small as 2 Gbps can down a site

The magnitude of the downtime and the staggering losses that are reported would lead one to believe that these attacks are sophisticated, requiring high speed packet throughout and a massive bandwidth to execute successfully. A quick review of what had happened during 2012 based on the post mortem reports of various successfully executed DDOS attacks point to the contrary. Industry experts are of the view that a well-crafted, multi-vector attack of small bandwidth; as small as 2 Giga bits per second(Gbps) can take down a site. A large proportion of the reported attacks during 2012 happened with bandwidths as low as 100 Mbps, a value considered very common in today’s ubiquitous networks. 14 per cent were between 101Mbps and 1 Gbps while only 13 per cent were in the range of 1 Gbps and 5 Gbps. This points to the break down of the bandwidth threshold for launching a DDOS attack on commercial networks and removes one barrier to entry that existed earlier when huge bandwidths were needed  to bring down a site.

A second barrier to entry that existed earlier for those wanting to architect a DDOS attack was the speed of packets used for launching and sustaining the attacks. PPS or packets per second is a standard measure of the speed of traffic that flows through a network and this too, like the bandwidth, has cost and implementation constraints making it difficult for all and sundry to launch an attack with appropriate speeds. Analysis of 2012 DDOS attacks point to the very steady decline in the threshold value of PPS for successful launch of DDOS attacks. 73 per cent of the 2012 DDOS attacks studied point to the use of speeds less than 100 KPPS (Kilo PPS) with less than 3 per cent at the high end speed of 5 MPPS (Mega PPS).

How are corporations responding to this lowering of threshold of key parameters that determine the efficacy of a DDOS attack? Clearly it cannot be deploying more people to monitor or run the regular tools. The response required is best articulated in an IDC report titled Worldwide DDOS Prevention Products and Services 2013-2017 Forecast which concludes that “for those organisations that determine they are most at risk and have made the decision to invest budget in a comprehensive DDOS strategy, IDC finds it should include the following: a mix of on-premise and cloud monitoring and mitigation managed internally or externally or a combination of the two.”

The increasing number of organisations being successfully targeted for DDOS attacks; the increasing average downtime during each attack along with rising $-value of such downtime; the decrease in the bandwidth and reduced packet speed requirements have collectively heralded DDOS to being a cyber attack of its own class. This transformation happened in 2012.
Author :
Reported On :
Sector :
Shoulder :
IE, the business magazine from south was launched in 1968 and pioneered business journalism in south. Through the 45 years IE has been focusing on well-presented and well-researched articles. When giants in the industry stumbled to keep pace with the digital revolution, IE stayed affixed embracing technology.
Read more
Economist Communications Ltd is committed to ensuring that your privacy is protected.
Read more
You agree that your use of this Website and the purchase of the magazine will be governed by these terms and conditions.
Read more
S-15, Industrial Estate,
Chennai - 600 032.
PHONE: +91 44 22501236