Among the numerous common internet security threats designed to maim networks and steal private data, distributed denial of service attacks have the greatest potential for directly crippling networks and causing loss of income for businesses. DDos attacks continue to grow in stride becoming more sophisticated with increased obscurity and intensity; coming a far way from its very meek beginnings in 1997.
DDos attacks, with the largest recorded with bandwidth in excess of 300 Gbps, will become more common as technology and connectivity advances in favor of speed and network resources. Throughout history, attacks in the range of 50 GBPShave been sufficient to take down bank websites. This proves how vulnerable many businesses are as attacks strengthen.
Though the average website owner may not be the obvious target for these types of attacks, the fact they’re becoming more common and the technique more easily understood by the average cybercriminal, means we can expect to see a rise in its occurrences, as we’ve seen in the case of lower level malware and website injection attacks. On average, there are 3,000 DDos attacks noticed per day, according internet security firms across the globe with a 71% increase in reported attacks by companies in 2013 over 2012.
The Potential for Lost Business
An unchecked DDos attack essentially means that your service, via your website or other network assets, delivering vital content for your business to function is completely halted. An ecommerce website, for example, whose business relies on cash flow from sales of merchandise online, finds their business at a standstill as the network becomes flooded and overwhelmed with illegitimate data packets.
To put things in perspective, imagine e-commerce websites during a frenzied shopping period like Black Friday, where in a day online stores across the globe record sales in excess of $1.2 Billion. With popular online retailers such as Amazon, Walmart and Target, a successful DDos attack at this time can prove catastrophic as all services would be blocked from public access. Imagine a distributed attack that lasts a few hours throughout a day like that and you’ll realize the financial impact of such an event. On calmer days, it is well accepted in the web security industry that these attacks can cost enterprise level business $100,000 per hour since access to products and services are not only blocked but purchased advertising geared towards closing sales back to the main website is wasted. Not to mention that it takes an average of 10 hours before a company even begins to resolve the attack.
The cost of DDos attacks are best contained through preparation and mitigation planned well in advance before attacks are initiated; prevention is better than cure.
How to Mitigate an Attack
Mitigation goes well beyond the on premise network security infrastructure. Routers, firewalls and switches, though in many instances are equipped with advanced intrusion detection and traffic and bandwidth reporting; lack the power, scale and intuitiveness to mitigate attacks of the current age that can easily overwhelm even the most resourceful ISPs. Also, unfortunately, there is usually an air of overconfidence among IT Managers as they’re convinced they’ve implemented the best threat management solutions and these attacks seem so random they may never hit them – until they do.
Successfully mitigating a high bandwidth DDos attack requires the use a cloud based solution capable of real-time monitoring and acquisition of threat intelligence, able to work in hybrid models where if on premise fails, load can be transferred to a cloud location with the ability to redirect legitimate user traffic to backup server locations. Traditional unified threat management solely via network appliances does not offer this level of sophistication and failover response.
Acquiring these servicesis quite affordable; for example, in the case of Fireblade – they offer a business level protection from about $250; the investment in threat mitigation is well worth it. Fireblade is a security-as-a-service company providing not only DDos protection service but also offering resources to boost website speed, with protection against other malicious and intrusive criminal network activities and real-time monitoring.
Their solution saves your business from investing in infrastructure and staff to accomplish this on your own, which could easily run your security budget in the millions. Doing it on your own is simply not a viable option from the standpoint of acquiring skill, resources, experience and expertise. Fireblade is not the only DDos protection service in the web – roam the web to find out for other services you can use if you want to A/B test.
The keys to saving your business from disastrous DDos attacks and other malicious activities geared towards compromising private data lie in the use of a cloud based unified threat management service provider. The upfront investment is quite minimal compared to what you stand to lose from lost opportunities and recovery costs.