DDoS Attack: A Persistent Threat

DDoS Attacks: A Persistent Threat

“Although DDoS attacks can take different forms — such as saturating server bandwidth to make it unreachable or exhausting system resources — they all follow the same logic,” explains Sébastien Grelot.
“A DDoS attack aims to make a server, service, or infrastructure unavailable, preventing it from responding to legitimate traffic. These attacks are used not only for extortion purposes, but also for ideological, political, or purely malicious reasons.”

The Threat Remains

DDoS attacks are not only among the most common forms of cyberattacks — ranking just behind malware in terms of reported incidents — they are also becoming increasingly accessible, inexpensive, and low-risk, as highlighted by Europol in its report on organized cybercrime.

According to the European law enforcement agency, individuals with little or no technical expertise can now easily obtain the tools required to launch large-scale DDoS attacks. The report further emphasizes that the availability of on-demand “booter” or “stresser” services is one of the main drivers behind the increasing number of DDoS-related investigations.

New attack vectors continue to emerge regularly. Since its first appearance in 2016, Mirai has repeatedly made headlines. The malware infected hundreds of thousands of connected IoT devices to coordinate devastating DDoS attacks through the botnet it created. Although the original creators of Mirai were eventually imprisoned, variants of the malware remain active today.

Raising Awareness Among Businesses

“All these factors significantly increase the risks faced by businesses, particularly regarding the availability of their services — whether web banking platforms, e-commerce websites, or online gaming services,” notes Sébastien Grelot.
“Organizations are still not sufficiently aware of these threats, which is why our first priority is to educate customers about the risks DDoS attacks pose to their operations and the importance of implementing effective protection systems.”

The real-time volumetric DDoS protection solution offered by Proximus NXT Luxembourg relies on continuous traffic flow monitoring.

“During a DDoS attack, massive volumes of simultaneous requests are sent from multiple points across the Internet. It is the intensity of this ‘bombardment’ that destabilizes or completely disrupts the targeted service,” explains Sébastien Grelot.

“Our experts rapidly analyze all incoming packets in real time. If necessary, incoming traffic directed at the customer’s servers is rerouted to a scrubbing center hosted within Proximus NXT infrastructures. There, illegitimate traffic is separated from legitimate traffic before the clean flow is redirected to its final destination, such as the company’s website.”

A Tailored Approach

The team responsible for DDoS protection consists of around ten experts within Proximus NXT’s Connectivity department.

“It is essential to combine expertise in both IT and telecommunications to address all aspects of this issue comprehensively. Our customers themselves emphasize this point,” says Sébastien Grelot.

“In fact, the same team is responsible for implementing both Internet connectivity and DDoS protection for customers. This allows security considerations to be integrated from the very beginning.”

“Our customers also appreciate the personalized support they receive from Proximus NXT. By helping organizations develop tailor-made DDoS mitigation strategies — from designing mitigation scenarios to continuously monitoring traffic and regularly reviewing procedures — we provide them with a protection solution that is simple, effective, and fully adaptable to their evolving needs.”