Distributed Denial of Service Attack
– Bill Barry, executive vice president of Nexusguard, says:
Online data breaches are making the news with alarming frequency. Recent examples include the massive Target hack last year, which compromised 40 million accounts, and the latest high-profile hacking incident at Home Depot, which put data from 56 million cards at risk. Distributed Denial of Service (DDoS) attacks are also on the rise. NBC News says that surveyed businesses reported a 75% jump in DDoS attacks in the final quarter of 2013 over attacks reported in the fourth quarter of the previous year, and analysts expect the threat to increase
In a DDoS attack, cyber criminals typically use numerous compromised systems to attack a targeted website, shutting out legitimate site visitors by denying service. DDoS is a common mode of attack these days, and businesses that rely on their website to generate revenue and communicate with customers and partners should have robust protection in place already, with a DDoS specialist handling security. Those that don’t could be putting millions of dollars at risk.
If you choose not to partner with a DDoS protection specialist, you may find yourself in a situation where you’ll have to react quickly if your website comes under DDoS attack. Here are three tips that can help you contain the damage:
- Make sure you understand your options. When your site is under DDoS attack, you’ll need to deploy a mitigation solution quickly. Typically, you’ll have two options: a cloud solution or an appliance. Cloud services deploy more quickly, but all DDoS solutions will involve varying lead times to deployment, depending on the complexity of your network. To be fully informed, analyze the time your services are down and the time you’re able to deploy a cloud mitigation solution and confirm that this outage time is acceptable for your business context.
- Have a backup set of IPs ready. In a DDoS attack, a master program instructs a multitude of compromised systems – sometimes called “zombies” or “bots” – to transmit requests to the target site in order to overwhelm and deny access to legitimate users. Having a backup set of normally unpublished IPs ready will allow the mitigation service of your choice to pass traffic to your site while forcing the attackers to go through the mitigation provider’s proxies through a DNS change. The backup IPs should also be in a different subnet altogether so the attackers do not find your backup IPs by scanning your normal IP range.
- Be prepared to put out fires. When DDoS attacks are successful, your site shuts down. Customers and business partners can’t reach you. You are unable to conduct transactions. This can be a heavy hit to your bottom line – some companies report losses of around $100,000 per hour and a million or more in lost revenue during an attack. But your business reputation also takes a hit. You can attempt to minimize damage on that front by preparing your response in advance. The last thing you need is to have to come up with explanations for customers on the fly while scrambling to address technical issues.
DDoS attacks are a serious and growing problem. If your company depends on your online presence to communicate with customers and conduct business, the best thing you can do to manage the DDoS attack risk is to find a partner with proven expertise in preventing and mitigating attacks. Affordable options are available at a fraction of the cost of the damage a successful DDoS can inflict on your company.
However, if you choose to go it alone, make sure you understand your attack mitigation options and have IP alternatives ready to deploy. Also ensure that you provide your customers with a consistent, credible message to help minimize the post-attack fallout. In the absence of a sound prevention strategy and technical solutions from a competent partner, these tips can help you recover if your company faces a DDoS attack.
Bill Barry is executive vice president of Nexusguard, a global Internet security company that delivers comprehensive, highly customized security solutions for customers of all sizes across a range of industries.