DDoS Attacks More Than Just Last Month’s Newspaper Headlines

Last month denial of service attacks hit the headlines again. The Spamhaus denial of service attack was called the largest cyber attack in history and this week the Dutch authorities appear to have caught the hacker involved. It was like 1999 again when DDoS attacks first got the press excited.

The return of DDoS as a hot IT security media topic reminds us that this well-established technique can still cause tremendous damage. What’s more, there’s growing evidence that the average bandwidth seen in these attacks is expanding massively, increasing the likelihood that a DDoS attack could knock offline many more major online services for much longer and for many more people.

Indeed the effects of a DDoS attack on reputation and business continuity are even more considerable today especially as hackers target high profile online businesses and services central to our lives, work and entertainment.

When it comes to downtime there are real knock-on effects from not being able to trade. For example, when Amazon had an outage for 49 minutes at the beginning of this year it reportedly cost the company more than £2.61 million ($4 million) in lost sales.

In addition to downtime , there are other implications for companies, many with substantial indirect costs.

1. The cost of lost brand reputation – have existing customers defected to the competition, or has an attack deterred potential customers?
2. The cost of IT personnel tied up addressing an attack
3. The potential increase in the number of calls fielded to customer help desks and call centres
4. The cost of disaster recovery – if any data needs to be manually inputted following downtime
5. The loss of employee productivity during an attack
6. Compliance and regulation costs – as non-compliance may lead to fines imposed be regulatory bodies

As the Spamhaus incident showed, there’s also collateral damage for organisations not directly targeted by the hackers as Internet traffic slows down or becomes erratic.

So what’s the best strategy on DDoS mitigation?

The goal must be to proactively detect any abnormal, malicious activity when it is still at the edge of the network and deal with it there, rather than once it is within the perimeters of your network. Mitigating the attack as aggressively as possible decreases the likelihood of Internet services being lost or impaired.

Given the nature of DDOS attacks - i.e. how they literally come through the network - it makes a great deal of sense to take the fight to them there and deploy against DDoS attacks in the network where you’re also better able to scale up against an attack and mitigate it.

DDoS protection as an integral network service has a lot to recommend it when compared with just traditional on-premise security approaches. Security appliances are expensive to scale-up as your business grows and threat complexity increases. Network based security for DDoS and other threats can be expanded without the need for additional investment or more importantly the time lag required for procuring and implementing the next device.

As DDoS attacks increase in sophistication and size, making sure your network always works for your organisation rather than becoming the source of attack is certainly recommended! Network based security can minimise downtime and lost revenues, protect core enterprise assets and prevent future hidden costs.