DDoS attacks hit new records

If you own a business that depends on online presence to survive, or you work in IT security, then it’s not just Covid-19 stats you should be looking at. During 2020, despite the pandemic hitting everyone globally, DDoS attacks increased by over 15% over 2019. That sounds like yet another percentage, but the actual impact can be devastating for businesses, small and big alike.

A quick refresher first - What is a DDoS attack?

One definition, by Netscout, is that “DDoS is an attempt to exhaust the resources available to a network, application, or service so that genuine users cannot gain access”. In practice a DDoS attack on a website or a network feels like a few hundred or a thousand elephants are trying to pass through your hallway, therefore rendering access to your kitchen very difficult, if not impossible.

Over the years, the way cyber criminals attack has become much more sophisticated than just bombarding a website with traffic. Now it is a combination of high-volume attacks, along with more difficult to detect infiltrations that target applications as well as existing network security infrastructure such as firewalls, routers and IPS.

I will spare you the technical differences between a ping / ICMP flood, a TCP SYN flood, an SSL exhaustion or a BGP hijack since they can become numbingly boring, and I might also run out of alphabet letters listing down all the acronyms – the important point to be made here is that the protection and mitigation mechanisms need to be able to handle the complexities behind the attacks, and not just against a “simple” volumetric attack, for example. Indeed, multi-vector attacks has become more common and are now almost the norm.

Why are DDoS attacks so dangerous for your business?

A DDoS attack is a threat to your ability to continue doing business. As businesses have grown more dependent on the Internet and web-based applications and services, online availability has become as essential as electricity and water.

From our experience, the most obvious targets to a DDoS attack are Financial Services and iGaming companies.  But a DDoS attack can also target the mission critical business applications that your business relies on, daily email, payment gateways, sales software and automation, CRM and many others.  Additionally, other industries, such as manufacturing, pharma and healthcare, have internal resources that the supply chain and other business partners rely on for daily business operations. All of these are targets for today’s sophisticated cyber attackers, as the North Korean attack has shown in a very public way.

Look beyond the high-volume attacks

Many associate DDoS attacks with high-volume, “spectacular” attacks – because that’s what makes news.  But for most organisations, this is rarely what they should be worrying at.

Netscout recommend that as businesses start considering the steps needed to mitigate the risk from DDoS attacks and maintain resilience and availability, they should keep the following in mind:

1. Think beyond volumetric attacks. State-exhaustion DDoS attacks that block devices such as firewalls, load balancers, and VPN concentrators from doing their job can also negatively impact vital applications, services, infrastructure, and data. This is particularly relevant in the current high dependence on VPNs due to remote working. The recommendation here is that companies deploy a DDoS set-up that protects beyond the obvious, to be protected the widest type of DDoS attacks possible. We can help. Reach out and we will set up a quick call to go through your worries and requirements.
2. Cloud-based protection is not enough. The most common form of DDoS attack protection is a cloud-based mitigation service. This is critical to stop large, volumetric DDoS attacks that outstrip the volume of the internet connection but is only one part of a comprehensive protection strategy. Companies shall also think of their own network and how it can be protected – and ensure that their service provider has mitigation mechanisms within its own network, and not just depend on 3^rd parties. BMIT’s Managed DDoS Shield caters for end-to-end protection, and with its multi-tier mitigation mechanisms ensures that you tick these best practice recommendations.
3. Size doesn’t always matter! Smaller and short-lived attacks can be as lethal as massive attacks and it is therefore important that your service provider can provide instant detection and mitigation mechanisms. Netscout estimate that almost 25% of attacks last less than 5 minutes, and the absolute majority an hour or less.

The end message is that DDoS attacks can be mitigated if, and only if, you are prepared. A key part of that preparation lies in a regular engagement with your service provider to ensure that the right set-up is in place, end-to-end.

If you would like to know more about BMIT’s DDoS offering, we would be glad to discuss further. Reach out.