• United States



Bad Security PR Watch: FUD with DDoS

Apr 10, 20122 mins
CybercrimeData and Information Security

Welcome to another installment of “Bad Security PR Watch,” where I publicly shame PR folks who use FUD to sell me on a story idea. OK, it’s not exactly a public shaming. I keep names out. I just don’t have it in me to be that cold-blooded.

This one is about the “growing” threat of DDoS attacks. DDoS attacks with a 3,000-percent increase in packet volume quarter over quarter. That’s not a typo. They say it’s a 3,000-percent increase.

Here’s the raw pitch I got:

Media Advisory:  April 10, 2012

(Vendor X)  to announce financial services firms hit by DDoS attacks in Q1 2012 –

Packet volume up 3,000%

–Threefold increase in the number of attacks against financial services clients during Q1 2012 compared to Q4 2011

–3,000-percent increase in malicious packet traffic quarter over quarter

–(Vendor X) mitigated more attack traffic this quarter than it did in all of 2011

–China remains the top source country for attacks but the U.S. and Russia both move up in the rankings

–Data from the Q1 2012 report indicates attackers are evolving their strategies, increasing their firepower and focusing on specific targets. Insights in the report help organizations worldwide be more prepared against the increasing threat of damaging DDoS attacks.

Maybe it’s a bit harsh of me to be picking on this release. They don’t say anything that strikes me as blatently wrong, though I find a 3,000-percent hike in packet volume hard to believe. I could believe 50 percent, 200 percent or even 900 percent. But 3,000 seems to break the pane of reality.

The rest is believable. My problem is that everything is so painfully obvious.

The vendor “mitigated” more attack traffic this quarter than in all of 2011? Every vendor says that. Every quarter. China is a top instigator? That news is as old as the Great Wall of China. Attackers are evolving their strategies and focusing on specific targets? That’s old news, Most companies knew that a long time ago. That’s why they hired you.

DDoSes happen every minute of every day. That’s how it’s been for years. In your next pitch, tell me something new — as in something completely different from the routine. More importantly, if you’ve found some new method companies can employ to blunt the impact of these attacks, please share.