(Page 2 of 2)
As for defensive measures, Prolexic suggested companies leverage better traffic monitoring and analysis tools, to provide greater alert accuracy and faster identification and analysis. "The faster attacks can be recognized," the company said, "the faster they can be mitigated."
Another security company, New Jersey-based Radware, also issued a report that noted small, less-intensive attacks can cause more damage than larger DDoS incidents. It said that firewalls and intrusion prevention systems are not sufficient to thwart attacks, and that the core mitigation strategy should be to "defend and absorb."
This includes quickly identifying the attack tool being used and exploiting its weaknesses, and making sure the service provider can "mitigate volumetric attacks that may saturate your bandwidth."
Charles King, an analyst with Pund-IT, said he's seen "a heightened awareness" among IT departments about such threats as DDoS, but added that there hasn't been "a great deal of evidence that companies are devoting more funds" to this issue.