Increasingly, IT teams find themselves on the front lines of a battle with an invisible enemy. Cyber-threats and attacks continue to increase, with the anonymous intruders breaching large and small enterprises alike. Even with the most robust security strategies in place, continuous vigilance is required just to keep up with the ever-evolving tactics of intruders. A report by Imperva states that the UK is now the second most popular target in the world for DDoS attacks. With attacks increasing both in frequency and complexity, what do security professionals need to know when it comes to DDoS?
Mitigate and minimise damage
At least once a week, there is news about successful businesses being disrupted by these attacks and those are only the ones that are reported - many smaller companies suffer from DDoS offenders that we just don't hear about. The number of attacks rose by 221 percent over the past year – underlining the need for an active DDoS defence.
DDoS attacks work by flooding a website or domain with bandwidth until it breaks down under the weight of traffic. The best way for companies to mitigate against these sort of attacks is to have an accurate overview of the traffic and data feeds in the network. By using real-time data analytics, threats can be detected at an early stage and re-routed to scrubbing centres – thereby neutralising the attack before it has had the chance to do any real damage.
Long-term protection and prevention
It is crucial that security professionals not only think about the short term tactics to minimise cyber-attacks but also consider long term infrastructure protection when it comes to managing security and preventing future DDoS attacks. Cloud-based managed security services are an important tool to protect against cyber-attacks as they are used by a multitude of services and Internet service providers – providing extra levels of security and making it harder for the DDoS attack to reach their intended targets.
In most cases, it is best to err on the side of caution when it comes to cyber-security. Adopting a “zero trust” approach to threats minimises the risk of a potential breach. Earlier this year, we saw the reputational damage caused to a major UK bank when one of their payment websites was brought down by a suspected DDoS attack.
The UK's position as a global leader in financial services makes it a high-profile and potentially very rewarding target for would-be cyber-criminals. However, it is not just financial services companies who are at risk. The UK has a sophisticated and fast growing digital economy, it is expected to account for 12.4 percent of GDP in 2016 – a substantial amount of money and traffic across all industries with an online presence at risk of DDoS attacks.
It is now more important than ever for security professionals to have real-time data analytics in their defensive arsenal to detect and neutralise threats early on. The shared aspects of cloud technology can benefit companies with their multiple layers of security in place that can deter potential future attacks. We have seen the financial and reputational losses that can arise from it and how these attacks can affect major UK businesses. Real-time data and a sophisticated infrastructure network, capable of re-routing and quelling dangerous activity is the best way of mitigating against this increasingly prevalent threat.
Contributed by Annette Murphy, commercial director of Northern Europe, Zayo