Search form

On-Demand Webinars

Transforming IT into the Enterprise Innovation Engine
The Future of IT Operations - AIOps, Observability and Beyond
Solving the SLO Riddle: Why SLOs Aren't Enough
Taking Web Performance to the Next Level
Equinox levels up its observability fitness with Elastic
Measuring Real-World Performance of DNS Solutions
Introducing Internet Stack Map
What's New at Catchpoint! Spring 2024 Product Launch Event
Master Class: Optimizing CX through 4 Pillars of Internet Resilience
Avoid Observability Failure: Hybrid Enterprises Must Complement APM with Internet Performance Monitoring
Observability Trends: Key Considerations for Modern Observability
Navigating Today's I&O Landscape: Leveraging Cloud, Hyper-Convergence and Observability
Master Class: Monitoring from Your Users' Perspective
2024 Tech Trends: 10 Predictions for Tomorrow's IT Evolution
The SRE Report 2024: What the Charts Don't Tell You
2024 Security Trends: How Generative AI Is Changing the Threat Landscape
Getting the Most Out of Elastic Observability & New Features
Tales from the trenches: Security leaders share insights on protecting higher education
The Impact of AIOps and GAI on Modern Observability
Countering Internet Complexity with AI-Powered Internet Performance Monitoring
Maximizing Customer Lifetime Value: Transforming Ecommerce with AI-Powered Search
AI Meets Search: Powering a New Generation of Insights
Behind the Scenes: Rocket Lawyer's Secret Sauce for Uninterrupted Digital Legal Services
3 Tips to Supercharge Your Application Tracing
What's New at Catchpoint! Fall 2023 Product Launch Event
Demo of Internet Sonar: From Disruption to Instant Detection
Harnessing the Power of Generative AI in Retail
Expert Insights: Navigating Outages Like a Pro
What's New in Application Monitoring: Maximizing Operational Efficiency with Enhanced Performance Insights
Preventing Outages: Implement an Internet Performance Monitoring Plan

All Webinars...

Analyst Reports

Gartner® Magic Quadrant™ for Observability Platforms 2024
Modern Enterprises Must Boost Observability with Internet Performance Monitoring
Forrester Opportunity Snapshot: Increase Revenue with Internet Performance Monitoring

All Analyst Reports...

White Papers

Level up with distributed tracing: Enhancing application performance with Applications Manager
Top challenges of digitization and how network traffic analysis can help
What is APM: Understanding the Basics of Application Performance Management
What is end-user experience monitoring?
How IT leaders can drive more with less
Internet Resilience Report 2024
Bandwidth throttling - A strategic approach to network bandwidth monitoring and optimization with NetFlow Analyzer
Address multi-client network traffic monitoring challenges with OpManager MSP’s new NetFlow Analyzer integration
Full-stack observability: Implementation, benefits, and ROI
Network traffic analysis for today's IT
The SRE Report 2024
The 2024 Observability Landscape — a survey of observability decision-makers
2024 State of IT Operations Report: Journey to Agility
OpUtils IP scanner for visibility: See everything, manage effortlessly
Digital experience monitoring in Applications Manager
How to monitor Apache web server performance metrics
How IT leaders can drive more with less
Firewall Segmentation
Startup vs. running configuration conflict: Its impact, and how to avoid it
A comprehensive guide to enhance performance and reliability in your storage systems
An IT leader's enterprise guide to drive more with less
Website monitoring in Applications Manager
Synthetic monitoring 101: A comprehensive guide to synthetic monitoring
Beyond deployment: The ongoing challenges in application performance monitoring implementation
How Is IPAM Simplifying Modern Networking?
The Elastic Generative AI Report
Database Monitoring for Beginners: 6 Steps to Get You Started
6 Best Practices for Application Performance Monitoring
Visibility, Scalability, Security: Why IPAM Is the Cornerstone of Robust Data Centers
Real-Time Server Traffic Monitoring: Benefits, Best Practices and NetFlow Analyzer

All White Papers...

Gartner Says 25 Percent of DDoS Attacks in 2013 Will Be Application-Based
February 22, 2013
Share this

Twenty-five percent of distributed denial of service (DDoS) attacks that occur in 2013 will be application-based, according to Gartner, Inc.

During such incidents, attackers send out targeted commands to applications to tax the central processing unit (CPU) and memory and make the application unavailable.

"2012 witnessed a new level of sophistication in organized attacks against enterprises across the globe, and they will grow in sophistication and effectiveness in 2013," said Avivah Litan, VP and distinguished analyst at Gartner. "A new class of damaging DDoS attacks and devious criminal social-engineering ploys were launched against US banks in the second half of 2012, and this will continue in 2013 as well-organized criminal activity takes advantage of weaknesses in people, processes and systems."

Gartner has identified some of the top 2013 criminal trends and potential safeguards and solutions for firms at risk of attack:

High-bandwidth DDoS attacks are becoming the new norm and will continue wreaking havoc on unprepared enterprises in 2013

A new class of damaging DDoS attacks was launched against US banks in the second half of 2012, sometimes adding up to 70 Gbps of noisy network traffic blasting at the banks through their Internet pipes. Until this recent spate of attacks, most network-level DDoS attacks consumed only five Gbps of bandwidth, but more recent levels made it impossible for bank customers and others using the same pipes to get to their websites.

"To combat this risk, enterprises need to revisit their network configurations, and rearchitect them to minimize the damage that can be done," said Litan. "Organizations that have a critical Web presence and cannot afford relatively lengthy disruptions in online service should employ a layered approach that combines multiple DOS defenses."

Hackers use DDoS attacks to distract security staff so that they can steal sensitive information or money from accounts

Enterprises subject to DDoS attacks should take steps to mitigate potential damage from these attacks. In particular, Gartner advocates cooperation with industry associations to share intelligence that can be acted on collectively and quickly, as well as enterprise investments in fraud prevention technology and the strengthening of organizational processes.

People continue to be the weakest link in the security chain, as criminal social engineering ploys reach new levels of deviousness in 2013

In 2012, several different fraud scams that took social engineering tactics to new heights of deviousness have been reported, including criminals approaching people in person as law enforcement or bank officers to help them through account migration that then comprised their bank accounts.

Gartner recommends deploying layered fraud prevention and identity-proofing techniques to help stop the social engineering attacks from succeeding.

In particular, fraud prevention systems that provide user or account behavioral profiling and entity link analysis are useful in these cases. Call center call analytics and fraud prevention software can be deployed to help catch fraudsters committing crimes via social engineering or by using stolen identities. Customers should also be educated on best security practices to help them avoid phishing attacks and social engineering ploys.

More detailed analysis is available in the report: Arming Financial and E-Commerce Services Against Top 2013 Cyberthreats

Share this

The Latest

4 Insights into Modern Cloud Inefficiency
September 16, 2024

For the last 18 years — through pandemic times, boom times, pullbacks, and more — little has been predictable except one thing: Worldwide cloud spending will be higher this year than last year and a lot higher next year. But as companies spend more, are they spending more intelligently? Just how efficient are our modern SaaS systems? ...

The OpenTelemetry Getting Started Survey: Understanding Users' Observability Journeys
September 12, 2024

The OpenTelemetry End-User SIG surveyed more than 100 OpenTelemetry users to learn more about their observability journeys and what resources deliver the most value when establishing an observability practice ... Regardless of experience level, there's a clear need for more support and continued education ...

Why Data Silos Kill Collaboration
September 11, 2024

A silo is, by definition, an isolated component of an organization that doesn't interact with those around it in any meaningful way. This is the antithesis of collaboration, but its effects are even more insidious than the shutting down of effective conversation ...

8 Takeaways from the State of Observability for Industrials, Materials and Manufacturing Report
September 10, 2024

New Relic's 2024 State of Observability for Industrials, Materials, and Manufacturing report outlines the adoption and business value of observability for the industrials, materials, and manufacturing industries ... Here are 8 key takeaways from the report ...

Enhancing the Availability of Important but Non-Critical Applications
September 09, 2024

For mission-critical applications, it's often easy to justify an investment in a solution designed to ensure that the application is available no less than 99.99% of the time — easy because the cost to the organization of that app being offline would quickly surpass the cost of a high availability (HA) solution ... But not every application warrants the investment in an HA solution with redundant infrastructure spanning multiple data centers or cloud availability zones ...

Top 5 Tips: How to Find the Best Edge Services Observability Fit
September 05, 2024

The edge brings computing resources and data storage closer to end users, which explains the rapid boom in edge computing, but it also generates a huge amount of data ... 44% of organizations are investing in edge IT to create new customer experiences and improve engagement. To achieve those goals, edge services observability should be a centerpoint of that investment ...

5 Ways Government Contractors Can Tackle Digital Transformation
September 04, 2024

The growing adoption of efficiency-boosting technologies like artificial intelligence (AI) and machine learning (ML) helps counteract staffing shortages, rising labor costs, and talent gaps, while giving employees more time to focus on strategic projects. This trend is especially evident in the government contracting sector, where, according to Deltek's 2024 Clarity Report, 34% of GovCon leaders rank AI and ML in their top three technology investment priorities for 2024, above perennial focus areas like cybersecurity, data management and integration, business automation and cloud infrastructure ...

C-Suite Less Confident in Delivering Basic IT Services in the Face of GenAI
September 03, 2024

While IT leaders are preparing organizations for accelerated generative AI (GenAI) adoption, C-suite executives' confidence in their IT team's ability to deliver basic services is declining, according to a study conducted by the IBM Institute for Business Value ...

Millions Lost to Internet Outages: Could a C-Suite Role Help Stem the Tide?
August 29, 2024

The consequences of outages have become a pressing issue as the largest IT outage in history continues to rock the world with severe ramifications ... According to the Catchpoint Internet Resilience Report, these types of disruptions, internet outages in particular, can have severe financial and reputational impacts and enterprises should strongly consider their resilience ...

Gartner: Everyday AI and Digital Employee Experience Are 2 Years Away from Mainstream Adoption
August 28, 2024

Everyday AI and digital employee experience (DEX) are projected to reach mainstream adoption in less than two years according to the Gartner, Inc. Hype Cycle for Digital Workplace Applications, 2024 ...