How to fight back against DDoS attacks
By Graeme Zwart, PXP Chief Information Security Officer
Distributed denial of service or DDoS attacks are back with a vengeance. Attacks are growing in frequency and severity. In the next in our security series we look at how businesses can protect themselves from debilitating DDoS attacks.
The lowdown on website takedowns
DDoS attacks overwhelm target sites with fake traffic to knock them offline. They were originally used by gamers to gain an advantage by slowing other players down. Hacktivists have used them to take down prominent websites to raise awareness of their causes. Criminals then got in on the action, threatening to take companies offline unless they paid a ransom.
The size of DDoS attacks has increased dramatically over the last couple of years. For example, in September 2016 the website of security blogger Brian Krebs was hit by one of the biggest DDoS attacks recorded. It measured 620 gigabytes per second, nearly double the size of the largest previous attack. In October 2016, a DDoS attack on DNS provider Dyn brought down part of the internet, disrupting websites in Europe and the US.
New DDoS variants gain their power from co-opting internet-facing devices, such as CCTV cameras, smart TVs and baby monitors. With attacks now being measured in terabytes rather than gigabytes or megabytes, it’s serious.
If you have a transactional website, you’ve got to be able to transact. Availability and reliability are critical, irrespective of what you sell. If customers can’t reach your website, they’re not your customers.
Your business probably knows the bottom-line impact of your website being offline for an hour. Aside from business disruption, DDoS attacks are often used as a smokescreen for other nefarious activity. For example, data theft, ransomware attacks and malware activation.
There are a number of options for protecting your business from a DDoS attack. The level of risk and impact of an attack as well as your budget determines what’s right for your business.
Host-supplied DDoS protection — as it says on the tin, your internet service provider or hosting company may offer DDoS protection as part of their package to you.
On-premise hardware protection — offers real-time or near real-time DDoS detection, however this is often the most costly option.
Cloud-based protection — an alternative to on-premise solutions which comes in a variety of flavours.
Hybrid protection — best-of-both-worlds hybrid solutions combine on-premise hardware and cloud-based protection which can be tailored to your needs.
As well as technology solutions, consider insurance. It will not protect your business from attack, but purchasing insurance may help you recoup losses following an attack. Review the terms of your general business insurance policy and take out additional cyber-specific cover, if necessary.
DDoS attacks are back and more powerful than ever. There are a number of options for protecting your business. Act now because doing nothing is the expensive option that no business can afford.
For a free 30-minute consultation on your payments requirements, please complete the form below or call 0844 209 4370.
Telephone: 0844 209 4370