Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
When it rains DDoS attacks, it pours.
Distributed denial of service attacks are plaguing more businesses than ever before, telecom provider Zayo found in a recent report.
The number of DDoS attacks across North America and Western Europe rose 314% YoY in the first half of 2023, according to Zayo, with especially concentrated activity in the manufacturing, media and entertainment, and cloud and SaaS industries. Customers in the healthcare, finance, and government sectors were also prime targets, the study said.
In a news release, Zayo named DDoS attacks “the most common” type of cyberattack, noting that even small attacks can be devastating, taking down systems for hours at a time and resulting in “lost money, time, customers, and reputation.”
Anna Claiborne, a software engineering SVP at Zayo, likened these attacks to a telephone operator who gets overwhelmed with the volume of incoming calls and can only put new callers on hold.
“They don’t actually get to deal with any of those calls. So it’s the same thing that happens with a web server once it’s under DDoS attack,” Claiborne told IT Brew. “All legitimate users just go unanswered.”
While telecom companies saw the most frequent attacks, those experienced by the government sector typically lasted the longest, the report said. The results are based on 70,000 data points Zayo collected from its customers in North America and Western Europe between January and June 2023, then compared to data Zayo gathered from the same time period last year.
Claiborne told IT Brew that increased global internet traffic also means increased DDoS activity.
Companies that have valuable data troves or play critical infrastructure roles—such as media companies with interesting IP like unreleased films, or manufacturing operations that act as a valuable supply chain link—should be especially proactive about taking preventive measures to guard against DDoS attacks, she said.
“There’s definitely some verticals that are more at risk than others,” Claiborne said. “If you have a business in those verticals, you especially want to look into getting some sort of DDoS protection because you aren’t flying under the radar, no matter how much you think you are.”
To thwart DDoS attacks, users typically need specialty hardware and a hefty reserve of extra bandwidth—resources that can be hard for individual companies to muster, Claiborne said. She noted that most telecom providers offer some form of baseline DDoS protection, and enterprises can engage additional “fire insurance” policies.
“Providing internet service and providing DDoS mitigation are completely inseparable anymore,” she said. “If you are providing access to the internet, I think there’s sort of this reasonable expectation from most consumers that you’re also going to provide protection from the dangers that are out there, to some extent, on the internet.”