
DDoS Attacks: Protection and Prevention


DDoS attacks are known for causing chaos to even the largest organisations. If your firm is targeted, how do you minimise the damage suffered?

DDoS attacks have become increasingly frequent, and have even made the front pages of newspapers through recent attacks on Twitter, Netflix, CNN, The Guardian, and many more. Fortunately, there are ways to protect your business from the damage caused by DDoS attacks.

What is a DDoS Attack?

DDoS, or Distributed Denial of Service, is an attack that overwhelms its target. The target can be one of many services, such as applications or communication protocols within your business’s underlying server infrastructure. The purpose of a DDoS attack is to slow or even shut down a service by sending a huge number of invalid requests from multiple sources.

It is the same principle as a traffic jam during rush hour. Due to the large amount of traffic coming through, the network and its servers don’t have enough resources to deal with the invalid requests on top of the clean requests. This is made even worse by invalid requests leaving the server hanging, as they send a request but do not respond to the server afterwards. The invalid requests will then block all of the server’s processes, not letting clean requests take their spot, and effectively shutting down a service.

Why are DDoS Attacks a Threat?

With the continuing rise of the Internet of Things, and therefore the production of more and more devices with an Internet connection, it has become common practice for hackers to exploit surveillance cameras, baby monitors, and similar devices. On a large scale, these are turned into botnets that can produce traffic of several hundred gigabits per second. Adding to the severity of recent DDoS attacks, the most common motives, such as political and ideological disputes and vandalism, make nearly everyone a target.

Preventing and Handling Attacks

There is no way of preventing a DDoS attack. When it comes, it comes. This means that protection from DDoS attacks affecting your business is more about handling and mitigation.

A very simple way of mitigating a DDoS attack is to have large resources as backup in case of an attack. That way there should be no dips in performance, as the network and the servers can handle the traffic of the invalid requests. This technique is not viable for use in a company infrastructure, but is still used by companies that provide DDoS protection as a service to have a buffer while analysing traffic.

Unfortunately, firewalls are not the answer either, as they need to analyse traffic before it comes through. This can create a bottleneck, potentially making things even worse.

It is important to include DDoS in your disaster recovery and business continuity plans. Knowing the signs of a DDoS attack, such as slow network performance or even downtime, will improve reaction time. ISPs and service providers offer emergency services to mitigate attacks and bring your service back up within minutes. Filtering high traffic from unusual locations will mitigate the effects of the attack and might keep your service up. In addition, DDoS attacks are often used as a smokescreen for hackers to get sensitive information or commit fraud while an understaffed IT department is tackling the DDoS attack. Maintaining a high security standard during an attack is mandatory.
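To illustrate the filtering step above, the following Python example (added here, not part of the original article) scans time-ordered access-log lines and reports source networks outside your usual client ranges whose request rate peaks above a threshold. The log format, the function names, the /24 grouping, the window and threshold values, and the sample addresses (documentation ranges) are all assumptions made for the example.

```python
from collections import defaultdict, deque
from datetime import datetime
import ipaddress

def flag_sources(lines, usual_networks, window_s=10, threshold=20, prefix=24):
    """Return {network: peak request count in any window_s-second window}
    for sources outside usual_networks whose peak exceeds threshold.
    Assumes lines are time-ordered: '<ISO-8601 time> <source IP> <request>'."""
    usual = [ipaddress.ip_network(n) for n in usual_networks]
    recent = defaultdict(deque)  # network -> timestamps still inside the window
    peak = defaultdict(int)      # network -> highest window count seen so far
    for line in lines:
        parts = line.split(maxsplit=2)
        if len(parts) < 2:
            continue             # malformed line, nothing to score
        try:
            ts = datetime.fromisoformat(parts[0]).timestamp()
            addr = ipaddress.ip_address(parts[1])
        except ValueError:
            continue             # unparseable timestamp or address
        if any(addr in u for u in usual):
            continue             # expected location, not a filter candidate
        # Group by enclosing network so a burst spread over many hosts
        # in one range is counted together (IPv4 /24 assumed here).
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        q = recent[net]
        q.append(ts)
        while ts - q[0] > window_s:
            q.popleft()          # drop requests older than the window
        peak[net] = max(peak[net], len(q))
    return {str(n): p for n, p in peak.items() if p > threshold}

def sample_log():
    """Constructed sample data, not taken from a real system."""
    t = "2024-05-01T12:00:{:02d}+00:00 {} GET /"
    lines = [t.format(s, "192.0.2.10") for s in range(0, 60, 2)]   # usual office range
    lines += [t.format(s, "198.51.100.7") for s in (5, 25, 45)]    # occasional visitor
    lines += [t.format(30 + i // 10, f"203.0.113.{i % 8 + 1}")     # 30 requests in 3 s
              for i in range(30)]
    return sorted(lines)  # identical timestamp format, so text order is time order

if __name__ == "__main__":
    for net, count in flag_sources(sample_log(), ["192.0.2.0/24"]).items():
        print(f"{net}: peak {count} requests per 10 s, candidate for filtering")
```

The output is a list of candidates to review with your ISP or DDoS protection provider, not an automatic block list: a low-rate visitor from an unfamiliar range stays unflagged, and traffic from your usual ranges is never scored.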

To summarise, it is highly important to follow documented procedures and know the steps to take in case of an attack. This will help to mitigate the impact as much as possible, and should keep your business running. For advice and guidance on implementing DDoS response provisions within your firm’s BCP, please contact us.

Ryan Sedgwick