The DDoS Threat Spectrum

Bolstered by favorable economics, today’s global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously. This DDoS threat spectrum includes conventional network attacks, HTTP and SSL floods, and an emerging wave of low-bandwidth threats, plus the new threat vectors likely to target emerging service platforms.

The world is becoming increasingly connected electronically, expanding markets and reducing the inefficiencies of doing business across borders. Services can be hosted anywhere and customers can be served from anywhere as the Third World catches up to the First World’s broadband penetration. Emerging market territories often lack proper client control, however, and malware infection rates are high. When these malware clients are directed by centralized command-and-control servers, they become “botnets.” The sheer number of client machines involved in botnets provides enormous load-generation capacity that can be rented cheaply by any party with an interest in disrupting the service of a competitor or political target.

Today’s global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often all at the same time. Though DDoS attacks have been with us for decades, the scope, nature, and magnitude of the DDoS threat spectrum have evolved significantly over time.