While online security breaches can take many forms, Distributed Denial of Service (DDoS) attacks are a rapidly growing problem and no business or industry sector is immune.
In recent months, we have seen attacks on such diverse targets as banks, insurers, airlines, dating agencies, hotel chains, food manufacturers, healthcare providers, newspapers, universities, retailers, local authorities and government departments, and even a well-known greeting card supplier with a particularly memorable jingle.
Every business with an online presence is vulnerable to this threat. In fact, according to a new report from Arbor Networks1, DDoS attacks are now big enough to knock most businesses offline.
The largest attack reported last year was 500 gigabytes per second (Gbps) of traffic—a 60 times increase in traffic compared to 11 years ago. While there were also reports of attacks of 450Gbps, 425Gbps and 337Gbps, these were relatively rare. However, the report noted, "What is significant is that the average of just under 2Gbps, which we see across tens of thousands of attacks, is enough to overwhelm most business internet connections."
So, what exactly is a DDoS attack? And how does it work? DDoS can be compared to taking down your shop front by placing a large protest outside your shop. It then becomes very difficult, because of the size of the crowd, for genuine customers to get in. Without any customers, it stands to reason the business suffers a drop in revenue.
However, unlike in the physical world, these attackers (or, to continue the analogy, protestors) are anonymous. Some, like the group ironically named Anonymous, may publish their organizational name for financial reward or notoriety but, largely, they go unchecked.
The asynchronous nature of the internet means very large attacks can be generated though huge botnets (a network or private computers) or amplification and reflection attacks—making massive-scale DDoS events easier to pull off for the bad guys.
In addition to the size and sophistication of attacks increasing, a common trend now is for attackers to hack the target company's systems at the same time they launch a DDoS attack, a diversionary tactic to draw attention away from the data breach. Going back to our crowd analogy, it is the situation where one person bumps into you, while another steals your wallet.
What Does It Cost Your Business?
DDoS events continue to plague businesses of all types. Consider these examples, which all occurred February of this year:
What is your connection to the internet worth? An attack can last an hour, a day or even weeks. It can bring down your website, DNS and application servers, leading to significant costs due to the loss of system efficiency, as well as your e-commerce presence, revenue, reputation and stakeholder confidence.
Defense Against DDoS Activity
Sungard Availability Services (Sungard AS) has been offering a DDoS mitigation service for the past five years and this has escalated from being a "nice to have" to an absolutely essential part of a "defense in depth" security model: The coordinated use of multiple security countermeasures to protect the integrity of the data in a business. Such a strategy is based on the military principle that it is more difficult for an enemy to defeat a complex and multi-layered defense system than to penetrate a single barrier.
We have extensive DDoS mitigation expertise. In fact, we can detect an attack and start automatic mitigation in under 30 seconds.
Some of our techniques are to:
For your business, you need to know defense against an attack is harder to do on the fly. It is quicker and far more effective to proactively implement defensive measures in readiness, rather than wait until you are under an attack.