Distributed denial of service (DDoS) attacks aren\u2019t what they used to be \u2026 and that\u2019s not good. They used to only be attacks from armies of bots against large organizations, sometimes for political reasons and somet\n\times for extortion. Now DDoS attacks are more targeted and don\u2019t need nearly as much in the way of resources, which means organizations of all sizes are now at risk.\n\tThe classic DDoS attack relies on brute-force to shut down network traffic to a site. Because these required the use of a large number of bots, attackers typically just went after large enterprises. Even criminals are concerned with ROI and they needed a sizeable payoff in order for an attack to be worth it. These are the type which played a part in both the recent South Korean and Russian elections \u2013 in these cases the ROI is measured in political power.\n\tNow the attacks are moving from network level to application level. \u201cThey find a soft spot in an application then exploit it,\u201d says Marc Gaffan, co-founder of Incapsula \u2013 one of several companies providing DDoS mitigation services. Unlike the old model attack, this doesn\u2019t stop people from getting a website, but using it is pretty much impossible. This attack requires far fewer bots and costs a lot less money, so they can target smaller organizations. \u201cThey can blackmail any size website,\u201d says Gaffan.\n\tNo surprise then that the number of DDoS attacks has skyrocketed. According to a report by Prolexic, another service provider, \u201cThe volume of packets-per-second (PPS) has almost quadrupled compared to Q3 2010, illustrating a significant increase in the size and diversity of attacks over the past 12 months.\u201d\n\tThe standard way of dealing with DDoS was for a company to install a network firewall designed for this. However, those require a lot of work to manage and maintain. That\u2019s not a problem for large companies which can afford to devote IT resources to this. The newer mitigation get around this by via cloud-based technology. Typically they re-direct traffic to their servers, scrub it and then send the legitimate traffic to the client. This model has cut down prices making DDoS mitigation and prevention an option for most firms doing business on the web.