As web vandalism, hacktivism, and cyber espionage reach endemic proportions, DDoS attack prevention is becoming a key information security concern for the enterprise. A distributed denial of service attack, or DDoS attack, can be devastating, costing firms millions of dollars every year in lost productivity and lost revenue from downtime and reduced site performance.
Further, considering the attacks of hacktivist groups like the Syrian Electronic Army on "soft targets", or websites targeted simply because of their vulnerability, it is clear that any organization without an effective DDoS prevention solution can become victim to a costly cyber attack.
To carry out DDoS attacks, hackers employ brute force attacks, phishing and other methods to distribute malware to personal computers and servers—building a network of remotely controlled zombie machines, or botnets. Used to generate large amounts of traffic on sites, botnets can slow down server performance, consume bandwidth and eventually render websites and services unavailable to legitimate users. Due to the distributed, volumetric nature of this type of attack, DDoS attack prevention can be difficult for enterprises lacking the capacity to absorb such a threat.
Moreover, over the past few years, DDoS prevention has become even more challenging as cyber attacks have grown not only in scale but in sophistication, bypassing traditional firewalls and taking advantage of vulnerabilities in web applications. DDoS attack vectors have shifted from the network and transport layers to the application layer as cyber criminals take advantage of layer 7 protocols for amplification purposes. As a result, hackers are able to generate large-scale attacks with fewer machines and fewer connections—connections that appear to be used legitimately—making this method of attack both efficient and stealthy.
Because of the limitations of on-premise network security tools like firewalls and intrusion prevention systems, and the doubtful cost-effectiveness of over-provisioning bandwidth to counter DDoS threats, companies that want a comprehensive, on-demand DDoS attack prevention solution are turning to cloud-based web security.
This is why more and more organizations are choosing to leverage the many capabilities of the Akamai Intelligent Platform, a globally distributed content delivery network that complies with rigorous PCI standards for data security. We offer our customers: