Assess Your Risk Profile for Choosing a DDoS Solution
For potential Distributed Denial of Service (DDoS) attacks, your deadliest error is assuming the next one will hit some other company. The stakes are high because attackers may use DDoS to shut down a website, use the assault as a smokescreen to pierce the business’s network, plant or activate malware, or even steal data, intellectual property and other assets. As we discover in Neustar’s 2017 Worldwide DDoS Attacks and Cyber Insights Research Report, no business sector is immune from risk of an attack.
Since 2016, respondents to our research show the tempo of attacks of all sizes against all organizations multiplied exponentially. And worse, the number of times that organizations were hit multiple times has continued to increase as forecasted.
Consider these DDoS attack frequency statistics from the report (pp. 10-11):
- 84% of respondents experienced at least one DDoS attack in the previous 12 months – up 11% from 2016.
- 86% of those attacked had more than one DDoS attack during the same period, up 5% from the prior year.
- Of those suffering multiple attacks, 35% experienced 2-5 incidents, 20% were hit 6-10 times, 11% were struck about every month, and 6% were hit every week.
- Just 16% reported no attack, a significant drop from 2016 attack experiences.
Clearly, the threat is real and is hitting industries of all kinds.
The frequency of attacks is soaring so you’d think organizations would be on top of this urgent threat. Yet far too often, a business assumes it is not a likely target for DDoS, which creates a faulty risk profile that can drive incorrect strategy. A false sense of threat makes it easy to fall into a trap of believing the security controls you’ve got in place will be enough to handle DDoS assaults of all types, of all sizes, and of all complexities.
For example, organizations have invested considerable resources in cyber security. Firewalls, web application firewalls, intrusion detection and prevention and the like all serve unique goals. But they are insufficient to stop widely distributed attacks. Obviously, if they were, the frequency of attacks should be falling. But that’s the opposite of reality so it’s vital for you examine your organization’s exposure to the risk of DDoS attacks.
Consider the big trend of moving IT into the cloud. You would think the giant cloud providers will keep your site safe from DDoS, but they are not (at least not for their customers). DDoS defenses used by cloud providers focus on protecting their own infrastructure; typically, they can only provide so much (and often, inadequate) customer-specific DDoS detection or mitigation.
One of the big selling points of cloud is the ability to “scale on demand.” The DDoS security trap is to assume the ability to scale will swell with the load of attack data, but load balancers can be quickly overwhelmed by fast-ramping DDoS attacks. Providers are happy to sell you more cloud instances to diffuse DDoS but the cost can be prohibitive – especially when an attack might last hours or even days.
In these situations, relying on cloud providers and ISPs to solely manage your DDoS threat takes the ability to control impact and costs out of your hands.
To surmount these traps, you should assess your exposure to understand how a true DDoS solution can keep your website running no matter what the scale of attack.
Typical steps you can use to assess your organization’s risk profile include:
- Understand what’s really happening globally with DDoS and how attacks can affect your organization
- Analyze your website environment and determine what is at risk (such as revenue per hour generated by a website)
- Weight and score the risks
- Evaluate existing DDoS mitigation tools deployed in your environment, particularly how long the tools require to discover an attack in process
- Assess the ability of your DDoS tools to respond to an attack – would they kick in immediately? After five minutes? After 15 minutes? An hour? Three hours? A day or more?
- Catalog steps required to reduce risks to a manageable level
This is the first of a series of blogs looking at findings in our report. I encourage you to download the report and check out findings of our research. I truly hope the data will scare the heck out of you and trigger a focused effort to discover how you can step up DDoS protection for your company’s website.
To download the report, click here.