2 June 2015
Max Pritchard, Senior Pre-Sales Consultant, activereach Ltd, explains that a DDoS attack may be closer than you think
Distributed Denial-of-Service or DDoS attacks are becoming an increasingly common weapon in the arsenal of cyber criminals. Over time, Denial-of-Service has evolved from simple attacks (e.g. sending overwhelming volumes of e-mail) from a single source, to attacks that come from thousands of compromised agents acting on behalf of a cyber-criminal or gang.
DDoS attack tools have been around for a long time but, until recently, have not gained much popular attention. Hacking into networks and stealing information is a headline-grabbing activity, seemingly more glamorous than DDoS and perhaps more lucrative. DDoS attacks are the online equivalent of throwing bricks through a shop window or setting light to a dustbin.
Far from being limited to a small range of targets, DDoS attacks have proven so easy to launch and so difficult to defend against that every modern-day business with an online presence is at risk. Publicly available tools, a little knowledge, and a small number of individuals with a grudge, a motivation, or a malevolent intent are all that is required to disable an organisation’s ability to conduct transactions across the internet.
Leading cloud-based DDoS attack mitigation firm Akamai reports that they are seeing an average of 7,000 DDoS attack events a day. A look at the latest dashboard on DDoS attacks from Arbor Networks suggests over 26,000 attacks in the past 24 hours. Both companies report increasing frequency and average size of attacks quarter-on-quarter in 2014/2015.
Effective DDoS attack mitigation models require cloud-based protection against volumetric threats (perhaps better referred to as “flood defences”), combined with more sophisticated, SSL-aware, application-aware defence at the customer site nearest to the target servers or services. This is referred to as a ‘hybrid model’ and provides the most comprehensive defence approach.
Like all network security solutions, a DDoS attack mitigation solution has to be combined with real changes in people and processes to be effective, and these need constant reinforcement as the threat and target landscapes change. How do you tell if one device’s DDoS mitigation is better than another’s? How do you make sure that your systems, people and processes are aligned and ready to meet the business need for continuity and uptime? The answer is testing.
If you have your head in the sand, you are in trouble. When a business is attacked it needs to react quickly to protect its ecommerce platforms and reputation. Sensible companies invest in mitigation equipment or cloud services but smart companies test these solutions and their people so that when a real attack happens, they are ready.