What if your business website went down, for an hour, for eight hours, for a whole day? How much revenue would be lost? What would be the lasting impacts for the company? What if vital information (credit card number, email address, purchasing history) was compromised when your website was victimized in a cyber attack? What could be done to prevent this from happening again? What should have been done to prevent it from happening in the first place?
Engaging in this type of ‘what if’ game is absolutely essential in this day in age. As businesses of all sizes and across all industries become increasingly reliant on the cloud, databases, and the web, it’s vital that network security keeps up with evolving threats.
What are DDoS attacks?
Distributed denial-of-service attacks (DDoS) are a growing menace affecting websites of all shapes and sizes. Hackers gain access to multiple devices and use them to overwhelm a target server(s), or other web infrastructure, with the goal of slowing website performance, or crashing the site completely. A nightmare scenario for any web hosting professional.
CDNetworks, a global content delivery organization that provides DDoS defense services, analyzed client data and experiences collected over the course of providing DDoS defense services in 2014. What they found were some staggering statistics and a course for some very clear trends in 2015:
- 29% increase in DDoS attack frequency
- 64-fold increase in amplification attacks
- twofold increase in high-traffic attacks of over 20G
- 39% of all attacks target game companies.
DDoS attacks and mobile
One of the reasons for the growth of DDoS attacks is the prevalence of mobile devices (phones, tablets), coupled with faster network speeds (the latest models of smartphones are 5G-capable). Mobile devices are exponentially increasing the amount of targeted mediums, and the vast majority aren’t equipped with the same protections (i.e. anti-virus programs) as PCs. Mobile apps, infected with malicious code, are one of the primary ways hackers are able to gain access to mobile devices.
Putting a mitigation strategy in place
The best way to protect online real estate is to perform due diligence. Put a system in place that ensures sensitive information stays secure and business as usual continues on the site. DDoS-specific protections should be part of a comprehensive security system that includes firewalls, IPS devices, and other security measures. I’ve outlined a three-pronged attack to warding off a mobile DDoS campaign: infrastructure, anti-DDoS hardware, and ongoing professional monitoring. Let’s tackle infrastructure first.
One of the methods of DDoS attacks is to overwhelm a targeted website with traffic. Using a network of botnets, recent DDoS attacks generated traffic of 50G, and larger attacks can get up to 100G. With a cloud-based infrastructure, websites can accommodate global users and handle traffic spikes, both in planned events and unusual circumstances, like a DDoS attack. Combine the cloud with several high-performance servers to ensure the website can handle whatever might come its way.
An anti-DDoS device that suits your company’s capacity is essential. These devices often have automatic updates that ensure defense from the latest threats. Be sure to update regularly to ensure consistent protection. DDoS attackers are always looking for a new way to get into your system so be sure to prepare for Get, POST, and slow attacks by implementing an Layer 7 (L7) switch to direct potentially malicious traffic away from your site. L7 attacks are slow-moving threats, and mimic human interaction with a server, often making it difficult to determine its validity.
The global online marketplace is a 24 hours a day, 7 days a week, 365 days a year operation. That means your system is not only available as a resource at any time, but also vulnerable to an attack at any moment. Monitoring of web traffic is a key component to DDoS security. One option is to hire DDoS experts on staff, but this may be cost prohibitive, and it’s often difficult to find reliable experts who are up to date on the latest trends in the field. More and more businesses are choosing to outsource this security component and leverage a knowledgeable team that’s up-to-date on the signs and symptoms of DDoS.
Knowing these types of attacks are on the rise is a chance to analyze your business’s game plan and take steps to prevent a DDoS attack from crippling your website, or worse. Keep in mind, DDoS attacks are often diversions for other serious crimes, data breaches, fraud and other types of criminal activity.
About the Author:
Sharon Bell is the Director of Marketing for CDNetworks, a global CDN service provider.