Whether you’re a Fortune 500 company or a neighbourhood retailer, cybercrime is a genuine threat to your business, revenue, and brand.
Between 2015 and 2019, cybercrime incidents are expected to quadruple, with the estimated cost of data breaches exceeding $2.1 trillion around the world. Implementing effective DDoS protection is key to ensuring your web property is secure, and that you’re ready to fight off any attacks.
History of DDoS attacks
Cyber-attacks are not a new phenomenon. The first DoS attack was in 1974, perpetrated by the curiosity of a 13-year-old boy in Illinois. He forced 31 University of Illinois computer terminals to shut down simultaneously by using a vulnerability in what was then the new “ext” command.
In the 1990s, Internet Relay Chat was targeted through simple bandwidth DoS attacks and chat floods. But the first major DDoS, or distributed denial of service attack came in 1999, when a hacker used a tool called “Trinoo” to disable the University of Minnesota’s computer network for two days. Other attacks followed, setting the groundwork for the large-scale cyber-attacks we see today.
The cost of DDoS attacks
DDoS attacks, and the motivations behind them, have evolved since the first attacks in the nineties. Today, they are fiercer, easier to launch, and are often politically-based. Each and every day, there are orchestrated cyber invasions carried out not only on big target corporations, but on small and medium-sized businesses as well.
Few are sufficiently prepared to fend them off, however. The cost to businesses is spiralling, and estimated to be somewhere around $500 billion or more. Even then, experts say, most of the 50 million attacks each year go undetected. The cost of a cyber-attack for businesses is not only a loss of productivity, revenue, and business opportunities, but also damage to the company’s brand image. Operational costs skyrocket in many cases, as the businesses scramble to find and remedy their security vulnerabilities.
What happens in a DDoS attack
With all the damage that can be caused to your web property and business through DDoS attacks, it’s surprising how simple a premise they really are. Web, DNS, and application servers; routers; firewalls; and internet bandwidth handle huge amounts of connections on a daily basis. A DDoS attack occurs when a series of compromised systems send hundreds or thousands more connections than the servers can handle.
This can easily happen through the use of a botnet or a linked network of hijacked systems. Some DDoS attacks transpire as a disguise to target the systems that control the sites and servers. This opens them up to the possibility of becoming infected by malware, oftentimes in the form of a Trojan virus. Then the system becomes part of the botnet that infiltrated it in the first place. Attackers may target different parts of a company’s network at the same time, or they may use these DDoS events to cover up other crimes, such as theft or fraud.
Preventing a DDoS attack
Automation technology can partially help to prevent cyber-attacks, but it also requires human intelligence and monitoring to protect your website to the fullest extent. Traditional web structures aren’t sufficient. A multi-layered cloud security developed and monitored by highly experienced and committed engineers offers the best protection.
Understanding how DDoS attacks work, and being familiar with the behaviour of your network are crucial steps in preventing intrusions, interruptions, and shutdowns caused by cyber-attacks.
Here are some other tips to help prevent a DDoS attack:
•Implement technology that allows you to monitor your network visually. Know the amount of bandwidth your site uses on average. DDoS attacks offer visual clues, and if you are intimately familiar with your network’s normal behaviour, you’ll be able to detect these attacks more easily.
•Ensure that your server capacity can handle heavy traffic spikes and has the mitigation tools needed to address security problems. Add bandwidth.
•Update and patch your firewalls and network security programs.
•Understand how your cybersecurity system works, and set up protocols that outline action needed when a DDoS attack occurs. Practice carrying them out.
•Don’t hesitate to call in a professional. DNS providers and companies like CDNetworks can help you protect your web property by rerouting visitors as needed, monitoring performance for you, and distributing traffic across a number of servers should an attack take place.
Steps to take if you’re attacked
While early detection is key to preventing devastating outcomes, there are steps you can take if you are the target of a DDoS attack. The first step is to ensure you have a cloud-based DDoS mitigation system in place that can handle attacks. Additional steps include:
•Setting up new IP addresses for your systems
•Ensuring DNS records are set for maximum security
•Blocking countries recognised as DDoS attack hubs
•Having a dedicated server exclusively for email
•Recording connections to your servers
CDNetworks offers security solutions that not only protect your business or organisation, but also your company and clients’ intellectual property stored on your system and its servers. A proactive approach can prevent the damaging effects of DDoS attacks.
For more insights on cybersecurity, join Jerry Chung (Country Manager – Singapore, CDNetworks) at ConnecTechAsia Summit 2018’s Security Thought Leaders Panel: The Digital Security Divide vs Global Interconnectedness. Marina Bay Sands, 27 June 2018.
