This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

DDoS evolution and the importance of preparation

Share this article:
DDoS evolution and the importance of preparation
DDoS evolution and the importance of preparation

When distributed denial-of-service (DDoS) attacks first started appearing in the late 1990s, the response from businesses was broadly similar to that of most new cyber threats: A shrug of the shoulders and an ‘it won't happen to me' attitude.

Then, as they became more prevalent, companies began to take notice. Yet until relatively recently, products that could successfully defend against a DDoS attack weren't available to many businesses. Businesses that did get hit had no option but to grin and bear it.

Vendors now offer a wide range of mitigation solutions that offer protection to companies that find themselves under siege. While their effectiveness can't be guaranteed, it allows firms to be proactive and put together defence strategies, instead of simply waiting to be targeted.

The frequency of DDoS attacks is growing at a frightening rate, with one report claiming a 200 per cent annual increase.

A week rarely goes by without the media running a story about a high-profile victim of a successful DDoS attack. With our always-online culture coupled with businesses migrating more of their services onto the internet, the threat has become more acute.

This increase in attacks and greater public awareness has moved DDoS onto all businesses' risk dashboards - from start-ups to multi-national corporations, but simply putting mitigation measures in place and hoping for the best isn't enough.

It's been suggested that defending against a DDoS attack can cost as much as £2.5 million. Although this may be an overestimation, businesses do need to be certain that their mitigation investment will pay dividends.

In other areas of cyber security, the cost effectiveness of this type of investment can be assessed. For instance, a penetration test can measure how effective a network's defences are and pinpoint vulnerabilities. But with a DDoS attack, how do you know that your investment is worthwhile, until it's too late?

There's also practical preparation to think about too. Do IT employees and service providers know what a DDoS attack will look like? Do they know the signs to look out for, and do they know their role during an attack scenario?

In the workplace, we all know what to do if there was ever a fire because of fire drills; we run over the steps we¹d need to take so that, should the real thing happen, we are prepared.

That is exactly the mind-set that businesses should have when it comes to DDoS attacks, and why we've created a DDoS fire drill service. Building on our DDoS assured simulation service - which emulates a real attack through our own botnet in a secure, controlled manner - we can test businesses with a controlled, low level DDoS attack and allow them to test their response processes.

While we control the attack, companies can examine staff and supplier reaction and ensure realistic procedures are in place to manage not only the attack itself, but also discourse with the supply chain without having to wait until a real attack occurs.

For instance, working out whose responsibility it is to phone the necessary third parties might seem like an inconsequential issue, but if employees don't know their roles or have never had a chance to practice then it shouldn't be assumed.

What about the mitigation solutions that aren't fully automated? Whose role is it to man them, and do they know how? With the DDoS fire drill, everyone can learn exactly what part they're expected to play. When the fire alarm goes off, employees know exactly where to go -­ it should be the same once the tell-tale DDoS signs appear.

Being prepared and ready is paramount when it comes to any emergency, and cyber security is no different. Too many businesses are like rabbits in the headlights once a DDoS attack starts. But prepare and practice accordingly and it is possible to minimise the damage.

Paul Vlissidis is technical director at NCC Group

Share this article:

Newsletters

More in Security Cats Blog

The information security implications of change

The information security implications of change

Microsoft has recently warned businesses that they should be well on the way to upgrading their legacy desktop environments.

The beginning of the authentication ice age

The beginning of the authentication ice age

This week I was invited to sign the new online Petition Against Passwords which I was delighted to do and I urge you all to do the same.

The chilling effects of the Volkswagen injunction on British research

The chilling effects of the Volkswagen injunction on ...

At this week's Black Hat conference in Las Vegas, Charlie Miller and Chris Valasek will present on on-board car computer insecurities to thousands.