Businesses don't know how to protect against DDoS attacks
A distributed denial of service or DDoS is a method used to deny access for legitimate users of an online service. This service could be an e-commerce website, a bank, a SaaS application, or any other type of network service. Some attacks even target VoIP infrastructure.
DDoS attacks are becoming threatening to every type of business. Whether, ecommerce or other online business, none of the firms are safe these days. The situation turned grave especially since 2010 onwards. Hundreds of businesses, both small and large, have lost millions of dollars because of the DDoS attacks.
Blizzard of DDoS attacks to continue through 2020. According to the research by the Kaspersky Lab, 30 percent of businesses fail to take action against DDoS attacks. As alarming as this fact, a further 12 percent were under the assumption that small DDoS attacks have no significant impact. Any attack can cost millions to a business and can tarnish its brand image.
A few years back, the Ponemon Institute study estimated that the avg. The cost of one minute of downtime due to a DDoS attack is $22,000 approx. With an average downtime of 54 minutes per DDoS attack, it is not tough to imagine the toll on businesses.
Moving on to the prime motive behind a DDoS attack; if your website is forcefully taken offline by a DDoS attack, it will give your competitor a better chance of getting visitors, and that could negatively impact your revenue stream in the long run. Plus, visitors that will be visiting your website will get a negative perception of your brand, deducing that since you are not capable enough to fight a DDoS attack, you won’t be competent enough to protect their information stored in your database.
The motive behind these attacks has changed, ranging from asking for a ransom to extorting money, not to attack your website.
Top 3 DDoS attacks ever witnessed
Here are the three worst attacks that have affected businesses in the recent years:
1. OVH, 2016
OVH faced the biggest attack in 2016. This France-based hosting provider was hit with two simultaneous DDoS attacks, whose combined bandwidth reached almost 1 Tbps. Klaba -- the founder of CTO tweeted, "We got lot of huge DDoS. Here, the list of 'bigger that 100Gbps' only. You can see the simultaneous DDoS are close to 1 Tbps!"
2. GitHub, 2015
On 2015, GitHub was targeted by one the biggest DDoS attacks for six days. GitHub said, the attack "involves a wide combination of attack vectors," which "includes every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic."
3. BBC, 2015
Another massive attack happened in 2015, the victim to that attack was BBC. It was the biggest attack by the New World Hacking group. BBC’s entire domain, including its on-demand television and radio player service were down for three hours and continued to have issues for the remainder of the day. The hacking group said that the attack on BBC reached 602Gbps.
How to protect your business from DDoS attacks?
Seeing as how well-known companies like BBC, GitHub, OVH were not safe from DDoS attacks, how could other businesses can? According to a survey by Kaspersky Lab, 40 percent of businesses are still unclear about how to protect their business, brand and online store against DDoS attacks. It’s quite hard to protect your online presence in this day and age completely, but it’s certainly not impossible. DDoS protection must be at the core of every cyber security strategy. Here are five most important types of protection against DDoS attacks:
Recognize the signs of a DDoS attack
Precaution is always the best defense against a DDoS attack. Recognizing a DDoS attack in its early stages is incredibly helpful. Unfortunately, not all DDoS attacks are easy to defend and identify. They're usually not much different from normal spikes in network or web traffic.
Investing in the right technology, training, and expertise can help you in analyzing the difference mentioned above. Using an Anti-DDoS service is always recommended, and planning a great incident response program is usually helpful.
Use DDoS protected VPN
Anti-DDoS VPN service hides your real IP from the attackers and filters the incoming traffic to your website or server through its anti-DDoS mitigation servers. After connected to the VPN, all the unwanted traffic will route to your VPN provider's server. It's only possible if you have the "DDoS Protected Dedicated IP."
Contact your ISP provider
Not only your company suffers from a DDoS attack, but your ISP feels the effects too. You can call your ISP in the event of the DDoS attack and request them to trace the source of the attack and re-route your traffic as per their recommendations.
While choosing an ISP, you can make sure if they have any DDoS protective services available. You must also have a backup ISP present to keep your business running in case of an attack.
Have your threat intel handy
Join your local ISAC and use the Threat ISP or network with your peers to understand the source of threats and attacks. Remember, half the battle is won by just knowing what to look for. What are the potential indicators of an attack? What threat vectors are most popular? And how are your peers responding to those attacks?
Specialized on-premise equipment
This is similar to “Do It Yourself” in that an enterprise is doing all the work to stop the attack, but instead of relying on scripts or an existing firewall, they purchase and deploy dedicated DDoS mitigation appliances. These are specialized hardware that sits in an enterprise’s data center in front of the normal servers and routers and are specifically built to detect and filter the malicious traffic.
Conclusion
DDoS attacks are destructive stealth weapons that can shutter a business. These days, our reliance on the Internet continues to grow, and the threat of DDoS attacks continues to expand. Organizations need to ensure operational continuity and resource availability with a vigilant DDoS mitigation approach if they want to conduct "business as usual."
Anas Baig, cyber security journalist, Twitter @anasbaigdm.
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.
Photo credit: sibgat / Shutterstock