The worst thing that can happen to an online business is losing it ability to connect with its customers. There’s a calculable dollar cost for every second customers can’t load the business’ site, contact it by email or instant chat, or use a service they’ve paid for. Sales are lost and disgruntled users turn to competitors.
Distributed Denial of Service attacks bombard a target network with huge amounts of data — so much data that the interface and the servers connected to it can’t cope with the load and become unable to service authentic requests.
DDoS attacks have always been a problem for online businesses. But in the last few years the frequency and volume of DDoS attacks has increased enormously.
Anyone who pays attention to the online security media knows that DDoS attacks of increasing sophistication have turned some of the internet’s core services against it. DNS servers, NTP servers, and email servers are regularly used to amplify the bandwidth criminals have available to them. A criminal in control of a moderately large botnet can amplify the volume of data they’re capable of sending by many orders of magnitude, creating floods of data so intense that even the largest and best-protected sites struggle to stay online.
Over the last couple of years, the rapid growth of the Internet Of Things has added another arrow to the DDoS attacker’s quiver. Most of us now have smart connected devices in our homes and businesses, ranging from security cameras to refrigerators. The IoT has amazing potential, but in the rush to get cheap connected devices onto the market, manufacturers pay scant attention to security. Many of these devices use default usernames and passwords or otherwise easy-to-break authentication.
Hackers can easily recruit huge networks of insecure, internet-connected devices and use them to bombard innocent businesses with massive volumes of data. The danger of insecure IoT devices was amply demonstrated last year; an attack using the Mirai botnet — largely composed of internet-connected cameras — against DNS provider Dyn caused companies including Google and Twitter to experience availability issues and downtime.
Even the least technically sophisticated criminal — or competitor — can launch a crippling attack. Botnet owners monetize their assets by creating DDoS as a Service products which allow anyone willing to pay a small amount of money to have their chosen target attacked.
All of which means that any business that depends on the availability of online services should consider DDoS protection a vital component of their business continuity and availability strategy plan. Managed DDoS protection uses high-bandwidth edge-nodes located between our data center network interfaces and the internet to filter attacks before they reach clients’ servers, ensuring sites and services remain available to legitimate users.