Generally speaking, when someone asks if you’re ready for something, it either means something really good is potentially going to happen, or something really bad. When it comes to DDoS attacks, it’s always the latter.
DDoS attacks or distributed denial of service attacks have dominated cyber security headlines for the past few years, and for good reason. These attacks, which use the many infected devices of a botnet to direct a significant amount of malicious traffic at a target website or online service to overwhelm its resources and take it offline, have been steadily getting bigger and more common, adding up to major problems for websites and businesses.
DDoS attacks are getting bigger and worse because of the Internet of Things (IoT) and the billions of unsecured devices in it. Botnet creators need to do little more than input default user names and passwords in order to gain remote control of these devices. IoT botnets are the biggest the internet has ever seen and so are the resultant attacks – the 1.2 Tbps attack on the Dyn DNS server that brought down Twitter, Reddit and Netflix, among many other popular sites, was the work of the IoT Mirai botnet.
A near inevitability
With a 125% increase year over year, these attacks are becoming more common for a couple of reasons. The first is how easy it is for even someone with no special programming skills to launch one, thanks to the growing availability of botnets for hire, including IoT botnets for hire. These services make it easy for people to seek out revenge, gain attention or even make money on DDoS ransom notes.
The second reason distributed denial of service attacks are a main go-to for cyber attackers is, well, they work. Even with these attacks regularly making the headlines, far too many websites have either insufficient protection or none at all. Successful DDoS attacks gain a lot of attention, as well as wreak serious havoc on a site or business, which is also the goal of many attackers.
As a result of all of the above factors, nearly every website is a potential target, poised to incur the considerable damage that accompanies attacks.
Big-time consequences
There are two types of consequences that can accompany a successful DDoS attack. The first is the immediate consequence that includes revenue and traffic loss while the site is unavailable, user frustration, hardware or software damage, or an intrusion that occurs while a security team is busy dealing with the smoke screen DDoS attack and results in the theft of sensitive data or intellectual property. That’s not even mentioning the financial hit, which can range between $20,000 and $100,000 per hour for larger organizations.
Then there are the long-term consequences which, believe it or not after that last figure, can actually be more costly than the immediate. When user frustration turns into a loss of trust or loyalty it can spell the end of a website or an online-based business.
Ready to rumble?
The potential of a DDoS attack looms large for many organizations and website owners. For many, however, their state of preparedness is questionable. A resiliency test like the one developed by DDoS protection provider Incapsula that takes into account hosting, resources, currently distributed denial of service attack solutions and procedures and practices as well as a business’s industry will help clarify things. The resiliency test may not provide welcome news, but it’s always better to know the risk.
Taking steps to prepare
When it comes to DDoS attacks, the best defense is a good offense, and proactive action is infinitely better than a reactive action. Here are a few things you can do to get ready for a DDoS assault.
- Prepare a response plan. Know who in the organization does what in the event of an attack, and have a plan for communications in case online services go down.
- Perform a risk assessment. Determine what your potential targets are and what infrastructure assets require the most protection.
- Find out what kind of protection you already have. Your ISP might provide some level of protection, and if you have a CDN it definitely does, but you need to find out exactly what kind of protection you’re receiving because it might not be as good as you think, especially against volumetric network floods.
- Onboard additional protection before you need it. Professional DDoS protection is a must for many websites and businesses, and having it in place before an attack ever begins will keep malicious traffic from ever touching your network while allowing your users through without impacting their experience at all.
- Choose your detection and deployment methods. Is manual detection good enough for your website? Or is automatic required? Do you need always-on protection, or will on-demand deployment do?
Looking for that something good
With a solid distributed denial of service response plan in place and robust cloud-based DDoS protection, you can get ready for unblemished user loyalty, undamaged hardware and software, protected data, uninterrupted revenue and traffic, and a whole lot of money in your pocket that otherwise would have gone to emergency mitigation. That all sounds pretty good indeed.
