There’s a recurring theme underpinning many of this year’s biggest news stories in Australia – IT security.
It has been nearly impossible to read the news without seeing an article reporting on the fallout from the leaked Panama Papers, the launch of the Federal Government’s cyber-security strategy and, most recently, issues with the 2016 Australian Census, to name but a few.
The stories serve to remind us of the critical role security plays in today’s connected world. As we embrace more and more digital solutions – from collaboration tools like Skype for Business, through to cloud applications enabling us to access sensitive data remotely – risks inevitably increase.
As the business value and volume of data grow, that data is becoming more appealing to cyber attackers. Radware’s annual Global Application & Network Security Report states that more than 90% of respondents reported experiencing attacks in 2015. That means that for many organisations it’s no longer a matter of if, but when, a data hack or security breach will occur.
With organisations more exposed than ever before, simply due to the sheer number of online services used, there is a need to be proactive when managing IT.
A particular area of focus should be distributed denial-of-service (DDoS) attacks.
What is a DDoS attack?
In a DDoS attack, cyber criminals take control of PCs or servers, often in different geographical locations, and use them to overload your network or applications with traffic, disrupting normal operations.
For example, if a retailer is launching a new line of clothing or seasonal sale online, cyber criminals can direct an unprecedented volume of user traffic to the website. If the network does not have the capacity to handle the number of requests it is receiving, the website might be slow to load assets or handle requests, severely impacting the user experience.
Why does DDoS matter?
The potential financial losses during a prolonged attack could be enormous, from lost sales during the initial outage through to the wider business impact caused by damage to brand reputation.
Why are DDoS attacks becoming more prominent?
With many businesses now operating in online environments, the opportunities for cyber criminals to use DDoS attacks are increasing. Radware’s report shows that DDoS remains the largest threat for organisations, with 50% of respondents reporting DDoS attacks.
There are two types of DDoS attacks to be aware of:
- Volumetric Attacks – the entire network is flooded with requests to consume all available bandwidth, slowing down response times and reducing availability.
- Application-Layer Attacks – a specific function or application on a website is targeted to disable it, such as the search function on a retailer’s website or a utility provider’s billing platform.
Spotting an attack?
DDoS attacks are designed to look like legitimate network traffic, meaning they are often difficult to spot.
To overcome this, your DDoS solution must be able to detect abnormal network behaviours and patterns, and automatically re-route suspicious traffic through a “scrubbing centre” so that, if the traffic is malicious, it cannot paralyse the entire network.
How do DDoS protection solutions work?
Protection solutions work by analysing all traffic passing through your Internet networks and alerting you when high, suspicious, or malicious traffic is seen. When a DDoS attack is detected, the attack traffic is isolated. This reduces collateral damage and enables other parts of the network to return to normal. The malicious traffic is diverted to “scrubbing centres” for cleaning, and the clean traffic is directed back to the network, ensuring your business stays online and available.
Considering the real-time nature of business today, even a short outage can have severe repercussions. As such, attacks must be identified and resolved rapidly. DDoS solutions also need to be able to scale to accommodate high levels of traffic during product launches or peak user times without that traffic being mistakenly diagnosed as an attack.
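The detection idea above, sketched as an added example (not code from the original article or from any vendor's product): each traffic window is compared with a learned baseline and labelled as one of the two attack types described earlier, while a planned peak is given headroom so it is not misdiagnosed. The thresholds, link capacity, the planned-event allowance and the traffic samples are assumptions constructed for illustration.

```python
from statistics import median

RATIO = 3.0        # assumed: alert when a metric exceeds 3x its learned baseline
LINK_MBPS = 1000   # assumed uplink capacity
SATURATION = 0.8   # assumed: 80% of the link in use counts as flooded

# Constructed one-minute traffic summaries (not real data): inbound bandwidth
# plus request counts per URL path.
WINDOWS = [
    {"t": "09:00", "mbps": 120, "paths": {"/": 900, "/search": 100}},
    {"t": "09:01", "mbps": 130, "paths": {"/": 950, "/search": 110}},
    {"t": "09:02", "mbps": 110, "paths": {"/": 880, "/search": 90}},
    {"t": "09:03", "mbps": 125, "paths": {"/": 920, "/search": 105}},
    {"t": "09:04", "mbps": 900, "paths": {"/": 1000, "/search": 100}},  # flood
    {"t": "09:05", "mbps": 140, "paths": {"/": 930, "/search": 2500}},  # one function hit
    {"t": "12:00", "mbps": 480, "paths": {"/": 3600, "/search": 400}},  # sale launch
]

def classify(window, base_mbps, base_paths, allowance=1.0):
    """Return 'volumetric', 'application-layer:<path>' or 'normal'."""
    limit = RATIO * allowance
    if window["mbps"] >= SATURATION * LINK_MBPS or window["mbps"] > limit * base_mbps:
        return "volumetric"
    for path, hits in window["paths"].items():
        # Paths absent from the baseline are compared against a floor of 1.
        if hits > limit * base_paths.get(path, 1):
            return "application-layer:" + path
    return "normal"

def detect(windows, warmup=3, planned=None):
    """planned maps a window label to the traffic multiple expected for an event."""
    planned = planned or {}
    clean, verdicts = [], []
    for w in windows:
        if len(clean) < warmup:            # learn a baseline before judging
            clean.append(w)
            verdicts.append((w["t"], "learning"))
            continue
        base_mbps = median(c["mbps"] for c in clean)
        seen = {p for c in clean for p in c["paths"]}
        base_paths = {p: max(1, median(c["paths"].get(p, 0) for c in clean)) for p in seen}
        verdict = classify(w, base_mbps, base_paths, planned.get(w["t"], 1.0))
        if verdict == "normal":
            clean.append(w)                # suspicious windows never shift the baseline
        verdicts.append((w["t"], verdict))
    return verdicts

if __name__ == "__main__":
    for t, verdict in detect(WINDOWS, planned={"12:00": 2.0}):
        print(t, verdict)
```

Run without the `planned` entry, the 12:00 sale window exceeds three times the baseline bandwidth and is labelled volumetric, which is the false diagnosis the paragraph above warns about.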
Cyber-attacks can come from anywhere in the world, so DDoS solutions must be able to monitor traffic from a variety of locations and “clean” it as close to the source of the attack as possible to quickly and efficiently address the problem.
What are the key benefits when employing a DDoS Solution?
- Automatic and 24/7 detection of potential threats
- Attacks are localised in the carrier’s network, minimising the overall impact and allowing them to be easily addressed
- Enables business continuity as legitimate transactions are routed back into the network
- Businesses stay ahead of threats with proactive alerts and comprehensive reporting processes
- Lower capital cost, as network-based solutions require no significant upfront capital investment
How can you help your customers address the threat of DDoS to their business?
Ask them to determine the consequence of a DDoS attack on their business. How would it impact their customers? How would an attack affect the brand?
By exploring the business impact of a DDoS attack together, you can help your customer build a business case for DDoS protection.