Counting the costs of DDoS attacks - prepare in advance
Counting the costs of DDoS attacks - prepare in advance
Distributed denial-of-service (DDoS) attacks became even uglier in 2017. No sector or size of business is immune from this growing menace and business owners and decision makers must take steps to understand the business impact and their needs in the rising DDoS threat landscape. 

DDoS attacks are used to overload the internet-facing network infrastructure and services that many organisations rely on. Their ability to cause network outages and general chaos for any organisation and their IT security staff makes DDoS attacks a particularly troublesome issue for enterprises large and small. 

DDoS attacks do not discriminate – making any business in any industry a potential target – so they are a particularly worrying attack vector. 

They are easy to deploy, difficult to prevent, hard to trace and increasingly affordable for anyone to get their hands on. Unlike more traditional attack techniques which look to infiltrate business networks undetected, DDoS attacks are brutal and anything but sneaky. This helps them achieve their primary aim of creating noticeable disruption. They are ever more utilised by individual troublemakers, activists and organised groups with an axe to grind. Some organisations have even suspected their competitors of being behind an attack which has knocked their systems offline and caused business downtime. 

Businesses can not only suffer from financial losses from ransom payments, but also a loss of productivity and reputational damage. No figure can account for the frustration experienced by business users while a service-impacting DDoS attack is occurring. 

What can I do to protect my business? 

Unlike many of the techniques utilised by cyber-criminals today, DDoS attacks have their roots firmly embedded in the past and instead of falling off the threat landscape, they have evolved to become more devastating than ever. 

This makes the case for implementing a dedicated DDoS mitigation solution more relevant than ever as we see more and more workflow operations, management strategies, products and services becoming reliant on web-based IT infrastructure. 

The distributed nature of these attacks makes them extremely difficult to prevent completely, but bespoke mitigation solutions can significantly reduce their impact if implemented before an attack occurs. 

One of the best ways to ensure your organisation is in the best shape possible when a DDoS attack strikes is by creating a DDoS playbook. It should include the names and contact details of teams who are to be called upon when an attack hits. Their roles and responsibilities should be documented so that nothing is left to chance. You should also aim to cover off communication – how will you inform customers, staff and other business stakeholders? Effective communication can help to keep your reputation intact, when all else seems to be going wrong. 

Secondly, never over-estimate your network defences. Modern networking technology has come on leaps and bounds from the infrastructure of yesteryear. Never blindly assume that your network defences will be able to cope with the onslaught of a modern-day DDoS attack. Always aim to keep your systems up to date. 

Benchmark to help better identify active attacks. Some businesses have no idea what levels of network traffic they experience under “normal” operation, so it can be impossible to tell if they are being subjected to a DDoS attack. Monitor your network traffic and set benchmarks. Where is the majority of your network traffic coming from? If your business has zero customers in a certain country but you're seeing a lot of traffic coming from said country – alarm bells should start ringing. 

Stay on top of vendor patches. It goes without saying that keeping servers and network devices up to date with vendor released patches is a crucial element of any IT security plan. With new and ever-sophisticated DDoS attack methods emerging all the time, known security vulnerabilities for which patches exist should be prioritised. 

Secure your IoT devices. If your organisation is forward-thinking and looking to leverage the opportunities afforded by IoT, make sure they are all protected against remote access. 

Finally, deploy a dedicated DDoS mitigation solution. While there are emergency DDoS mitigation solutions available which can be deployed within an hour in most cases, why respond reactively when you can be proactive and put dedicated, behavioural-based DDoS mitigation systems in place? Working based on your own benchmarked best efforts, they take account of source flow metrics, time to mitigate attacks, performance capacity and other critical factors.  

If your business has an online presence or internet-facing network infrastructure, you really need to understand the significant threat posed by DDoS attacks today and put measures in place to mitigate them before they adversely impact your business. 

As long as they can carry out DDoS attacks with relative ease, cyber-criminals will continue to do so. It's up to every business to ensure their defences are fit for purpose. Investing in additional protection services generates a 50 percent reduction risk of DDoS at the very least. 

Contributed  by Susan Bowen, vice president & general manager EMEA at Cogeco Peer 1

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.