Distributed Denial of Service (DDoS) hardly sounds like a phrase that should blanket airwaves. Sadly, it has become an all too common phrase heard in both technical and consumer news media today. Despite it being used as an attack technique for many years, far too many organizations remain unprepared for it to occur on their watch.
A business of any size that relies on the internet for sales, marketing, logistics, or common web applications now faces an increasingly complex and virulent threat: evolving DDoS mechanisms that, without a well-rehearsed mitigation plan, have the capacity to render its website, data, and devices at least temporarily useless.
According to a few recent reports, the first quarter of 2017 saw a gigantic uptick in DDoS attacks, with a marked increase in their tenacity and sophistication. However, researchers at the said this is clearly just the beginning, as they believe the worst is yet to come.
With an ever-growing percentage of organizations worldwide experiencing some form of online attack at least once in the past 12 months, this time-tested form of attack struck many headline-grabbing targets over the past few months. Universities of varying sizes, traffic light control systems, and even the Microsoft voice service Skype fell victim. The need to plan for DDoS-specific attacks is here.
For purposes of common understanding, U.S. CERT provides the following description: “a DDoS attack is intended to take an organization or a service offline, or otherwise render resources unusable, which originates from (or appears to originate from) multiple hosts. The ‘multiple hosts’ part of the attack is what is ‘distributed’ and is what makes the attack more difficult to defend against.”
With organizations being attacked on a much more frequent basis, all businesses should regularly reexamine the effectiveness of their overall security strategies, and implement or revise their DDoS mitigation plans. While it is nearly impossible to entirely prevent a DDoS attack, organizations that plan in advance will find it much easier to respond and to limit the technical and business disruptions that are frequently the aim of the attackers.
Another troubling related trend is the use of DDoS attacks to mask other cybercrime, such as installing ransomware and malware concurrently. In 2017, we saw that DDoS victims also experienced increased malware activation, customer data breaches, ransomware and intellectual property theft compared to the year prior.
While the landscape may appear bleak, website owners should find fitting tools to protect their financial assets and corporate image as they proactively plan how to respond to these scenarios. Companies should consider seeking input or direction from their internet service provider, technology companies (particularly those with experience in DDoS mitigation), and even law enforcement, depending on the size and scope of the business. Sensitive and proprietary data should be copied and stored in a separate, secure location, with backup copies not accessible from local networks. Additionally, security services such as Web Application Firewalls should be used to monitor and protect network, transport and application layers.
Finally, a DDoS plan should be well-rehearsed. After all, a plan that has not been exercised or rehearsed has no real legitimacy to withstand and weather an event. Too often the small business community waits until a disaster happens to start calling in the cavalry. It seems that, once again, the best defense is achieved by advance planning and addressing the security basics as best you can. Just ask one of the of recent victims.
Avi Bartov is CEO of GamaSec, a global provider of website security solutions for small and medium-sized businesses. The company offers cloud-based website vulnerability identification, remediation-as-service, web attack prevention as well as a Data Breach Limited Warranty. Founded in 2006, GamaSec is headquartered in Israel with offices in New York City. Visit www.gamasec.com.