According to a new Gartner report, "Arming Financial and E-Commerce Services Against Top 2013 Cyberthreats," 25 percent of all DDoS attacks in 2013 will be application-based, meaning attackers send targeted commands to applications to tax the CPU and make the application unavailable.
"2012 witnessed a new level of sophistication in organized attacks against enterprises across the globe, and they will grow in sophistication and effectiveness in 2013," Gartner vice president and distinguished analyst Avivah Litan said in a statement. "A new class of damaging DDoS attacks and devious criminal social-engineering ploys were launched against U.S. banks in the second half of 2012, and this will continue in 2013 as well-organized criminal activity takes advantage of weaknesses in people, processes and systems."
"Gartner predicts that high-bandwidth DDoS attacks will become the new norm and target unprepared enterprises in 2013," Computer Business Review reports. "The firm says that enterprises need to bolster their network configurations. 'To combat this risk, enterprises need to revisit their network configurations, and re-architect them to minimize the damage that can be done,' said Litan. 'Organizations that have a critical Web presence and cannot afford relatively lengthy disruptions in online service should employ a layered approach that combines multiple DOS defences.'"
"Gartner warns that hackers often rely on DDOS attacks to distract the attention of security staff while they steal sensitive information and even money from the targeted company," notes Softpedia's Eduard Kovacs. "In this case, enterprises should take steps to mitigate the effects of an attack by cooperating with industry associations in sharing useful intelligence."