4 ways to protect your business against DDoS attacks
In today’s marketplace, having your business taken offline by cybercriminals can have crippling effects – the loss of business is just the tip of the iceberg. October is European Cyber Security Month (ECSM), and understanding DDoS can help you defend yourself, says cyber security commentator Pete Roythorne.
If you have kids who play Minecraft, you may already be all too familiar with the phrase “I’ll DDoS you”. If your internet connection has then mysteriously ground to a standstill, you can be fairly certain that they’ve been successful. In fact, go to YouTube and you’ll unearth a huge number of videos on DIY DDoSing.
But far from being restricted to kids messing around with online games, DDoS (or Distributed Denial of Service) can be a very serious problem for businesses. If your website or service grinds to a halt you could be losing huge sums of money for every minute it’s not available – particularly if you’re involved in ecommerce.
Loss of trust
That immediate loss of business can be just the tip of the iceberg. According to a recent DDoS Impact Survey by Corero Network Security, in March this year, it’s not the immediate loss of revenue that’s most damaging to a businesses; almost half (45%) of those surveyed cited the ongoing loss of trust in their brand as the most damaging result of a DDoS attack.
And it’s on the rise. Another report from March 2016, this time by Infosecurity magazine, points to the fact that DDoS attacks are up by 149% year-on-year, with a 40% spike in the last quarter of 2015.
So, how does it work? DDoS attacks have been around for a very long time, and they consist of the attacker bombarding the targeted server with incoming data causing it to become overwhelmed with requests, effectively rendering it unusable and taking it offline.
Attackers tend to use an army of compromised devices to support them in this process. These can range from computers that have been infected with malware, to compromised internet-enabled devices, including phones and tablets. Level 3, a US-based network provider, recently claimed that more than one million web-enabled consumer video cameras and DVRs have already been compromised by cybercriminals and are being used to support DDoS attacks. On top of this, French hosting firm OVH, recently raised concerns when it was hit by ‘two concurrent DDoS attacks whose combined bandwidth reached almost 1 terabit per second’. The source of the attacks was found to be an army of around 150,000 compromised internet-enabled devices.
Another worrying thing about DDoS attacks on businesses is that while they’re devastating enough in themselves, they can also be a smokescreen for other activity.
Attackers may not always go for a long-term shutdown with a DDoS attack, instead they might use lower-level attacks, lasting for shorter periods and degrading network performance rather than closing it down entirely. While the IT team is busy trying to get the network or website running at full capacity, the attackers are creeping in the backdoor and exploiting other more dangerous vulnerabilities.
How can you protect yourself?
1. Place public-facing servers behind a firewall. This is essential, and that firewall needs to be up to the job. On top of this, your networks need to be properly managed, that way you’ll be able to spot an attack as it starts as you’ll be constantly monitoring your network traffic.
2. Use bandwidth buffering. Technology that controls bandwidth usage can also ensure that any spikes in your traffic get absorbed and customers don’t experience any access problems. Should that spike turn out to be an attack then you can buy yourself recognition and reaction space.
3. Manage your mobile and IoT devices. People don’t tend to think of their smartphones and other mobile devices as computers, and therefore don’t worry too much about protecting them. The reality is that these, as well as Internet of Things devices like online monitors, can be compromised relatively easily and turned into zombie machines that can be called into action (without the users’ knowledge) as part of a DDoS attack.
Mobile device management software can help you spot the tell-tale signs of compromise including: slow performance; unexplained error messages; frequent crashes; unrecognised messages; slower than usual start up or shut down times; or unexpected loss of storage space.
4. Get backup. Finally, and most importantly, if you have internet-dependent critical systems, they should be based in a data centre with multiple internet providers with infrastructure redundancy. Companies like Rackspace, Amazon, Google and Microsoft Azure all offer top-level internet service, with DDoS protection capability and redundant infrastructure.
Balancing internet services across two or more Internet Service Providers (ISPs) that offer DDoS mitigation services is the very least you should consider.