By Anas Baig
Distributed Denial of Service (or, DDoS) attacks are becoming increasingly threatening to virtually every type of business. Whether you run an ecommerce, or other form of online business, no company large or small is completely safe from these attacks.
Since 2010, thousands of businesses have lost millions of dollars due to DDoS attacks. According to research by the Kaspersky Lab, 30% of businesses fail to take action against DDoS attacks. As alarming as this fact is, a further 12% reported they were under the assumption that small DDoS attacks had no major impact. When, in reality, any attack can cost a business millions of dollars and tarnish their brand image.
A few years ago, the Ponemon Institute estimated the average cost of one single minute of website downtime due to a DDoS attack to be $22,000. With an average downtime of 54 minutes per DDoS attack, it's not farfetched to imagine the toll this has on a companies around the Australia.
What is the motive of a DDoS attack?
If your website has been the target of a forceful takedown, it will give your competitor a better chance of attracting visitors that could otherwise be your customers, which would obviously negatively impact your revenue stream in the long run. Plus, visitors that attempt to view your website will generate a negative perception of your brand, deducing that since you are not capable enough to protect your website, you would be unfit to protect personal consumer information stored on your database.
And unfortunately, DDoS attacks are becoming more common, and with changing times, the motive behind these attacks has changed too, ranging from asking for a ransom to extorting money to not attack your website. In the middle of it all, the data of your customers is always in the firing line.
How can you protect your business against DDoS attacks?
Seeing as how well-known businesses like BBC, GitHub, OVH were not safe from DDoS attacks, how could any businessmen risk not taking proactive measures and getting hit by a DDoS attack?
According to a survey by Kaspersky Lab, 40% of businesses are still unclear about how to protect their business, brand and online store against DDoS attacks. It’s quite hard to completely protect your online presence in this day and age, but it’s certainly not impossible. DDoS protection must be at the core of every cyber security strategy.
Here are the four most important types of protection against DDoS attacks.
1. Recognising the signs of a DDoS attack
Precaution is always the best defense against a DDoS attack. Recognizing a DDoS attack in its early stages is incredibly helpful. Unfortunately, not all DDoS attacks are easy to defend and identify. They're usually not much different from normal spikes in network or web traffic.
Investing in the right technology, training and expertise can help you in analyzing the difference mentioned above. Using an Anti-DDoS service is always recommended, and planning a great incident response program is usually helpful.
2. Use VPN for DDoS protection
Anti-DDoS VPN service hides your real IP from the attackers; and filters the incoming traffic to your website or server through its anti-DDoS mitigation servers. Once you connect with a VPN, all the unwanted traffic will route to your VPN provider's server. It's only possible if you have the “DDoS Protected Dedicated IP” add-on.
3. Contact your ISP provider
Not only your company suffers from a DDoS attack, but your ISP feels the effects too. You can call your ISP in the event of the DDoS attack and request them to trace the source of the attack and re-route your traffic as per their recommendations.
While choosing an ISP, you can make sure if they have any DDoS protective services available. You must also have a backup ISP present to keep your business running in case of an attack.
4. Have your threat intel handy
Join your local ISAC & use the Threat Intel Service Provider or network with your peers to understand the source of threats and attacks. Remember, half the battle is won by just knowing what to look for.
- What are the potential indicators of an attack?
- What threat vectors are most popular?
- And how are your peers responding to those attacks?
About the author
Anas Baig is a Cyber Security Expert, a computer science graduate specializing in internet security, science and technology. Also, a Security Professional with a passion for robots & IoT devices. Follow him on Twitter @anasbaigdm, or email him directly by clicking here.