These days you don't have to be a government agency, bank or right-wing website like Whaleoil to be concerned about becoming the target of a Distributed Denial of Service (DDoS) attack.
The hackers who carry out these costly shutdowns are getting stealthier and more ferocious, and organisations across all industries need to get prepared.
According to NSFOCUS, a major DDoS event broke out every two days on average during the first half of 2013 and about two-thirds of victims suffered more than one attack.
So just what is a DDoS attack? It’s an attempt by an attacker to make an online service unavailable to genuine users by overwhelming it with traffic from multiple sources.
Unlike a Denial of Service (DoS) attack, where an attack comes from a single host, a DDoS attack uses many compromised systems - sometimes thousands - to simultaneously launch attacks against a target site.
It results in an overload of computing resources as servers try to handle the flood of incoming messages and, at its worst, can affect entire networks connected to the computer being attacked. To legitimate users trying to access a targeted website, it may show up as slow performance, with files or pages opening at snail speed, or the site will be completely offline.
I often get asked who should be most concerned. Hackers do not discriminate by size and any organisation can become a target either directly or indirectly, ranging from banks and government agencies, through to news websites and private businesses.
DDoS attacks are increasingly being carried out as cyber terrorism and organised crime, making sites unavailable for political gain or to demand a payment before the attack is stopped. These attacks rarely hit the media as few organisations want to publicise a security breach.
In New Zealand, high profile hacktivism attacks have included the online activist group Anonymous threatening our government to protest the actions of the GCSB. More recently, Whaleoil was stranded for many days when unidentified cyber assailants attacked the site.
Attacks can have a long-lasting impact beyond the shutdown of services for a period of time. Every minute of downtime for a business site can equal thousands of dollars in lost revenues. And security incidents often have a negative effect on business operations, resulting in significant opex costs, loss of customer trust and erosion in brand reputation. There are also legal and regulatory obligations as part of business continuity planning.
So what should you do to protect yourself from the DDoS threat? Traditional security products are not designed for today’s complex DDoS threats as many provide protection on site. That means that by the time an attack is detected, it is already using up internet bandwidth and process power and disrupting legitimate business transactions.
And buying more bandwidth and processing power may not help as the attacker can simply add more attack machines.
If doing business online is important to you, you’ll need an ICT partner that proactively mitigates risks by working with companies to monitor international gateways, detect and prevent attacks at source without disrupting normal business transactions.
Gen-i has a Managed DDoS Protection service and has joined Abor Networks’ Cloud Signalling Coalition (CSC) to help further reduce time-to-mitigation for dynamic threats facing our client’s networks.
You can’t afford to disregard DDoS attacks. The risk is too severe.
By Ling Hou, Business Manager - Security