Cyberattacks make the headlines periodically, usually when they hit high-profile organisations. But just because they aren’t always in the news doesn’t mean they aren’t happening. In fact, businesses of all sizes face daily threats from a wide variety of malware and other nasties, so security is something you need to take seriously.
What is DDoS?
One of the most damaging types of attack is the distributed denial of service (DDoS) attack. In these cases, the cybercriminal seeks to make a machine, network, cloud service or website unusable by bombarding it with thousands of requests in an attempt to overwhelm the system, thereby blocking legitimate traffic and effectively denying people use of the service.
The ‘distributed’ part of the name comes from the fact that these requests come from many different sources. Very often, the sources are ‘zombie’ PCs that have been infected with malware in order to recruit them into botnets controlled by cybercriminals, so that the attack can’t easily be stopped by blocking a single source.
Attacks occur for a number of reasons. The motivation behind DDoS attacks is often blackmail: trying to get companies to pay a ransom to stop the attack. But they can also be driven by revenge or by hacktivism, in other words, people with some kind of grudge against a company.
Although attacks on larger businesses are the ones that get the most attention, no company with reliance on the cloud and a website is immune. DDoS protection, therefore, is something that EVERY company needs to take seriously. Suffering an attack can do serious damage to both your business and its reputation and may threaten its very existence.
How severe are DDoS attacks?
Most DDoS attacks have a lifespan of just a few hours. However, recent studies show that attacks are getting longer, lasting for several days in the most severe cases. Often, a short attack may be used as a declaration of intent, accompanied by a ransom demand. This serves to persuade those affected that the threat is a serious one, before launching a more sustained assault if the ransom isn’t paid.
The effects a DDoS attack has on businesses can be dramatic. More than half of companies take three hours to detect an attack, and three hours to respond. With a potential cost of lost revenue of up to a quarter of a million dollars per hour, the effect of a sustained DDoS attack could prove crippling.
Of course, the financial aspect is only half the story. Businesses also face lost productivity, lost data, and severe damage to the reputation of the company.
Although we think of DDoS attacks as being malicious, occasionally a site is brought down by unexpected surges in legitimate traffic. A breaking news story can cause major websites such as Google and Twitter to struggle with the extra demand. Similarly, a mention of a business website on a popular blog can have the effect of driving a surge of extra traffic. It’s important that any system aimed at combatting attacks is able to differentiate between types of traffic.
DDoS and the UK law
The UK Government takes the threat of DDoS attacks seriously. In the Police and Justice Act of 2006, DDoS attacks were outlawed. Anyone caught committing an attack faces a sentence of up to 10 years in prison.
The problem lies in the global nature of the internet. Attacks come from anywhere and there are difficulties in tracing them back to a single source. You don’t need to be a technical wizard to launch an attack – the Dark Web makes it possible for criminals to buy attack services for just a few hundred dollars. This approach makes attacks easier than ever, with those responsible even offering sophisticated business models and pricing structures. Similarly, sites using some form of DDoS protection cost more to attack than those that don’t. Cyber attacks on government sites are also costly as they tend to be monitored closely by police and intelligence agencies.
Defending against attacks
Effective DDoS protection can be implemented in a number of different ways. Often, it involves a blended approach combining attack detection, classification of traffic and various blocking techniques.
Available technologies include the use of a ‘black hole’ to reroute suspect traffic to a non-existent server. An intrusion prevention system (IPS) can also be used to detect and block attacks based upon their content. However, the latest attacks tend to use legitimate content to hide their malicious intent, so this type of protection may be less effective.
Traditional protection techniques such as firewalls can also play a part in guarding against DDoS attacks. Where attacks are focusing on a particular port, a firewall rule can be an effective way of fighting them off. Features built into some of the latest generation of routers can also resist the impact of DDoS attacks.
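The following added example, which is not part of the original article or any vendor's product, checks whether a traffic sample is concentrated on one port and whether a blanket firewall rule for that port would also cut off legitimate users. The flow records, the thresholds and the names sample_flows and classify_port_focus are assumptions made for the illustration.

```python
from collections import Counter, defaultdict

def sample_flows(flood_port=None):
    """Constructed sample of (second, source_ip, destination_port) records."""
    # Baseline: 5 clients reaching the website on port 443 for 10 seconds.
    flows = [(t, f"198.51.100.{c + 1}", 443)
             for t in range(10) for c in range(5)]
    if flood_port is not None:
        # Constructed surge: 200 distinct sources for 5 seconds on one port.
        flows += [(t, f"203.0.113.{s + 1}", flood_port)
                  for t in range(5, 10) for s in range(200)]
    return flows

def classify_port_focus(flows, served_ports, min_share=0.8, min_sources=50):
    """Decide whether traffic is focused on one port and what a port rule would do.

    min_share and min_sources are assumed thresholds, not values from the article.
    """
    per_port = Counter(port for _, _, port in flows)
    sources = defaultdict(set)
    for _, src, port in flows:
        sources[port].add(src)
    total = sum(per_port.values())
    if total == 0:
        return {"verdict": "no-traffic"}
    port, hits = per_port.most_common(1)[0]
    result = {"port": port, "share": round(hits / total, 3),
              "sources": len(sources[port])}
    if hits / total < min_share or len(sources[port]) < min_sources:
        # Either spread over several ports or too few sources to look distributed.
        result["verdict"] = "not-port-focused"
    elif port in served_ports:
        # A blanket drop on a port the business serves would also block
        # legitimate users, so this traffic has to be classified first.
        result["verdict"] = "needs-classification"
    else:
        # Nothing legitimate is expected here, so a port rule costs nothing.
        result["verdict"] = "drop-port-rule"
    return result

if __name__ == "__main__":
    web_ports = {80, 443}
    for flood in (None, 1900, 443):
        print(flood, classify_port_focus(sample_flows(flood), web_ports))
```

The port 443 case is the one a simple firewall rule cannot handle: the surge shares a port with real customers, which is where the detection and classification steps described above are needed.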
Buying DDoS protection
So, what exactly do you need to look for when shopping for DDoS protection? Firstly, you need a supplier you can trust, so look for a firm that has accreditations from major security vendors. This provides the peace of mind that staff have received training and that the latest technology is available to address attacks.
DDoS attacks can come at any time, so 24/7/365 monitoring is essential. The earlier you can catch and block an attack, the less damaging it will be to your business.
If you’re looking for protection from your service provider, you need to ask about the network technology they’re using. For example, do they offer embedded protection against DDoS attacks? The provider’s location is an important consideration too. Choosing a UK-based service ensures that you have access to local support, as well as constraining traffic within the country in the event of an attack.
Buying protection as-a-service also delivers a number of benefits to your company. You’ll have access to a full range of services from monitoring and detection through to mitigating the effects of an attack. Cybersecurity skills are in demand, and smaller companies may not necessarily be able to afford a dedicated team of in-house specialists to deal with DDoS threats and other security issues. By buying protection from a trusted supplier, you’ll have access to the latest technology and skills without the difficulty or expense of recruitment or training.