DDoS Attacks: How to Deal with New Assaults from an Old Threat

11/7/2018

With all the publicity surrounding innovations in ransomware, turning your attention away from long-established cybersecurity threats is easy to do. Among those oft-forgotten threats are Distributed Denial of Service (DDoS) attacks, which we described in one of our past posts this way:

“According to eSecurity Planet a ‘basic denial of service attack involves bombarding an IP address with large amounts of traffic… Legitimate traffic heading for the Web server will be unable to contact it, and the site becomes unavailable. Service is denied.’ Or, in other words, a website crashes.”

DDoS attacks were on the rise several years ago when we first covered this trend, and recent studies show instances of this cybercrime continue to escalate. Per IDC Research’s US DDoS Prevention Survey, more than half of cybersecurity executives polled reported their organization had experienced DDoS attacks as many as 10 times during the past year. For respondents who were victimized, more than 40% of assaults lasted longer than 10 hours. Corroborating research indicates DDoS occurrences are increasing at roughly the same rate as overall internet traffic.

As the leader of a small to mid-size business (SMB) you may feel tempted to dismiss the DDoS growth trend as a cybersecurity challenge only for large organizations. You should be wary, however, regardless of how much of your business is handled by web servers. As reported by this blog many times, any assault via the internet can cost a small firm proportionately much more than it does a large company. In fact, left unmitigated, individual cybercrimes can put an SMB out of business.

That’s why we’re reiterating our basic advice for readers about measures that can thwart DDoS blitzes and keep your company’s digital presence humming:

  • Early Detection: Study the typical inbound traffic profile of your website with your IT Managed Service Provider (MSP). Most DDoS offensives begin with spikes in traffic. But sometimes legitimate marketing activities cause spikes, too. You and your MSP will need to be in sync to tell the difference between beneficial site traffic and dangerous site traffic. You should appoint one person in your organization as the single point of contact for your MSP when DDoS trouble – or any kind of cyber hazard – is brewing.
  • Overprovision Bandwidth: As noted above, good marketing – advertising campaigns, releasing a new coupon, mentions of your firm in the media – can spike web traffic. Whether or not a surge is malicious, overprovisioning bandwidth by a factor of 100% to 500% as a precaution could give your IT team a buffer to recognize and react before resources become overwhelmed.
  • Consider Hosting Services: If you currently host your own web server, consider giving the job to an outsource provider. Many MSPs manage or coordinate hosting services. A hosting center likely will have far higher bandwidth links and higher capacity routers than your company. Plus, the hosting team probably will have more experience dealing with DDoS attacks. Hosting also keeps DDoS traffic aimed at a web server that is off your firm’s network, so that email and possibly Voice over IP (VoIP) services can operate normally during an attack.
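The Early Detection advice above can be sketched in code. This is an added example, not part of the original post: it builds a baseline from normal per-minute request counts, flags sustained spikes above it, and marks a spike as planned when it overlaps a campaign window reported by your point of contact. The traffic figures, the threshold of median plus six times the median absolute deviation, the three-minute minimum and all function names are assumptions chosen for illustration.

```python
from statistics import median

# Constructed sample data: requests per minute during normal operation.
HISTORY = [118, 124, 131, 120, 127, 122, 135, 129, 125, 121, 130, 126]

# Constructed observations, one per consecutive minute: (minute, requests).
OBSERVED = [(0, 123), (1, 128), (2, 610), (3, 655), (4, 702), (5, 140),
            (6, 126), (7, 131), (8, 980), (9, 1450), (10, 1720),
            (11, 1690), (12, 133), (13, 400)]

# Campaign windows reported to the MSP: (first minute, last minute).
CAMPAIGNS = [(2, 4)]


def threshold(history, k=6.0):
    """Median plus k times the median absolute deviation (MAD) of the baseline."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return med + k * max(mad, 1.0)  # floor the MAD so a flat baseline still works


def find_spikes(observed, history, campaigns, k=6.0, min_run=3):
    """Return sustained spikes, each labelled 'planned campaign' or 'investigate'."""
    limit = threshold(history, k)
    spikes, run = [], []
    for minute, count in observed + [(None, 0)]:  # sentinel closes a trailing run
        if minute is not None and count > limit:
            run.append((minute, count))
            continue
        if len(run) >= min_run:  # ignore short blips below the minimum duration
            start, end = run[0][0], run[-1][0]
            planned = any(s <= end and start <= e for s, e in campaigns)
            spikes.append({
                "start": start,
                "end": end,
                "peak": max(c for _, c in run),
                "label": "planned campaign" if planned else "investigate",
            })
        run = []
    return spikes


if __name__ == "__main__":
    for spike in find_spikes(OBSERVED, HISTORY, CAMPAIGNS):
        print(spike)
```

A spike labelled "investigate" is only a prompt to contact the MSP; traffic volume alone does not prove an attack.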

Regardless of size, many businesses engage MSPs that specialize in remote monitoring and management – not only for web servers, but networks, desktop computers and mobile devices, too.