Distributed denial of service (DDoS) attacks have been growing in both size and sophistication. In October 2016, two high-profile DDoS attacks reached more than 600 Gbps and 1 Tbps. Both attacks were ranked among the largest DDoS attacks on record. The ferocity of these attacks have indicated that this trend is only set to increase in the near future with gambling industries top of the hackers’ list. Duncan Hughes, Systems Engineering Director, EMEA, A10 Networks explores the issues surrounding DSoS attacks and offers his advice.
DDoS attacks can impact businesses of all types and sizes. Retail stores, enterprises and service providers can all find themselves at threat of the DDoS crosshairs. According to a recent report that we commissioned- the A10 Networks IDG Connect report – everyone is a target, but some types of businesses come under fire more frequently. Entertainment and gambling are targeted the most, with 33 percent of DDoS attacks aimed at that industry, followed by advertising media and Web content (28 percent), and traditional and online retail (22 percent).
The financial impact of DDoS attacks for businesses can be severe and a recent Ponemon Institute study revealed that between 2011 and 2016, the costs associated with a DDoS attack swelled by 31 percent, with some larger attacks exceeding $2 million due to lost revenue, business disruption and other hard costs. Brand and reputation damage, can also have a lasting effect which cannot be financially measured.
The IDG Connect report found the average company suffers 15 DDoS attacks per year (some averaging as many as 25 DDoS attacks annually), and the average attack causes at least 17 hours of disruption, whether that’s downtime, latency, denied customer access or crashes. That’s 255 hours of disruption a year, can businesses afford this level of interruption?
I suspect not. To be properly prepared, businesses must brace for the worst-case scenario. The following points below outline four main steps in prevention to ensure networks can stand up to a DDoS attack:
· Be proactive. Do not wait for a major crash. You may already be experiencing attacks with slowed or blocked customer access, which can result in lost sales or dissatisfied customers.
· Beware of the “world of denial.” Ask tough questions. What do your customer satisfaction metrics reveal? Do you see indicators of lost sales? What’s the real cost of service restoration?
· Hope for the best, but prepare for the worst. Invest in sufficient DDoS protection and mitigation solutions early, before a major attack strikes.
· Defend against all vectors. Consider dedicated multi-vector DDoS protection using in-path mitigation, coupled with integrated threat intelligence, for the best accuracy. Include hybrid protection with a cloud-bursting service as an extra precaution to combat volumetric attacks.
Businesses of all sizes need to be able to detect and mitigate DDoS attacks (particularly ‘multi-vector’ ones that simultaneously attack the bandwidth, application and network layers), which is why here at A10 Networks we have extended our reach and launched our Thunder TPS (Threat Protection System) family of on-premises appliances to include new offerings at both the high end (Thunder 14045 TPS) and entry level (Thunder 840 TPS and vThunder TPS).
These newly enhanced solutions are designed to easily integrate into existing networks and security architectures to keep DDoS attacks at bay and keep networks and applications running uninterrupted. In essence they provide a first line of defence against DDoS attacks, blocking multi-vector DDoS attacks before they happen.
My advice to readers is don’t let your network remain unprotected against such attacks which are only set to rise and could cost you dearly in the long run.