The 10 Worst Data Breaches of 2013 Distributed denial-of-service (DDoS) attacks certainly aren’t new. I’ve been talking about them for years. However, they have been changing. The traditional style of attack, the flood-the-target type that crashes a website, is still going strong. But now we are seeing an increase in application-layer attacks that have the […]
The 10 Worst Data Breaches of 2013
Distributed denial-of-service (DDoS) attacks certainly aren’t new. I’ve been talking about them for years. However, they have been changing. The traditional style of attack, the flood-the-target type that crashes a website, is still going strong. But now we are seeing an increase in application-layer attacks that have the same goal: Systems go down, resources are unavailable and the victim is scrambling to fix everything.
Recently, Vann Abernethy, senior product manager for NSFOCUS, talked to me about the changing DDoS landscape. Something he has noticed is how DDoS attacks are being used as smokescreens to cover up other criminal activity. He said:
In fact, the FBI warned of one such attack type back in November of 2011, which relies upon the insertion of some form of malware. When the attacker is ready to activate the malware, a DDoS attack is launched to occupy defenders. In this case, the DDoS attack is really nothing more than a smokescreen used to confuse the defenses and allow the real attack to go unnoticed – at least initially. Considering that most malware goes undetected for long periods of time, even a small DDoS attack should be a huge red flag that something else may be going on.
Abernethy adds that another trend he’s seeing is that the DDoS attack itself may be a bit more sinister. For example, a DDoS attack could be masking a simultaneous attack that is probing for vulnerabilities. He said:
It’s like a recon team sent to look at an enemy’s position while they’re under some sort of long-range barrage. In general, basic probing will likely be caught if the victim has even modest security protections. But while under the duress of a DDoS attack, the very systems charged with either blocking or alerting suspicious activity might be under too much strain.
Abernethy provides several solutions to protect against these emerging DDoS attack styles. One way is to have multiple teams set up to respond to DDoS attacks. One team would work on the DDoS attacks themselves; another team would be responsible for searching for other possible, hidden attacks. For the trend that involves probing, IT and security departments may want to deploy application security testing, and all applications used by the company should be subjected to the testing.
DDoS attacks can be devastating to a company, interrupting vital customer interactions and ruining company reputations. The more we know about them, the better chance we have at protecting the company from any serious damage, if not preventing them altogether.
Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
