Distributed Denial of Service (DDoS) cyber attacks present a unique challenge to businesses. Focusing on rendering a targeted system inaccessible to users, most commonly by overwhelming it with a flood of traffic or commands, DDoS attacks have historically been difficult to trace, manage and prevent.
Much of the talk around DDoS inevitably centres on what could be labelled catastrophic incidents – massive attacks that completely overwhelm the bandwidth or processing capabilities of a system, bringing it down for hours if not days. Examples include the enormous attacks that hit the BBC and GitHub in 2015, while DDoS traffic speeds of over 1 Tbps were reported last year.
While these make great headlines, this is far from the sum of the risk that DDoS presents. In fact, believing that DDoS attacks are only large-scale affairs that target the biggest online operations is a dangerous assumption. The evidence suggests that smaller-scale attacks that cause only brief disruptions measured in minutes rather than hours are becoming more and more common. As virtually every business relies on connectivity nowadays, everyone is a potential target and even outages of the shortest duration can wreak havoc with IT systems.
According to the Corero Full Year 2018 DDoS Trends Report, large-scale DDoS attacks, defined as those over 10 Gbps, doubled in 2018. But that was only from 1% to 2% of all incidents. In other words, 98% of DDoS involves traffic speeds of less than 10 Gbps.
Not only are the majority of DDoS attacks low volume, they are short in duration, too – 81% of outages now last less than 10 minutes, 65% less than 5 minutes. Crucially, attacks like these are rarely isolated, by their nature they are prolonged and consistent even if short in nature. Initial DDoS incidents are followed up by another on the same target within 24 hours 22% of the time. This rises to 36% within 90 days.
Darryl Petch, Technical Pre-Sales team leader at M247, said it was dangerous for businesses to think of these shorter attacks as insignificant. “Your systems going down for 10 minutes can cause a lot of disruption and damage to your business, ultimately costing you money,” he said. “And it isn’t just about complete outages. An attacker could not only be ‘stealing’ your bandwidth, but utilising your resources to reflect a DDoS attack towards others. It could result in an outage to your entire network, damage system performance and efficiency as well as cause irreparable reputational damage.
“It is the high probability of repeat attacks that really takes its toll. I’ve known companies that have been targeted every single day for weeks. Each incident might only last a few minutes each, but it is still like having someone switch off your entire business for an amount of time every day. You might not even know it is happening. An attack that knocks your website out for less than 5 minutes might not even trigger an alert, meaning you are losing traffic and potential custom without even knowing it.”
Darryl argues that the only effective way to mitigate against DDoS is to deploy dedicated, proactive detection protocols that are designed to pick up and prevent these types of attack.
“The solution we prefer is the diversion of attack traffic to scrubbing centres — geographically diverse data centres with distributed resource that can handle and capture potentially massive amounts of traffic,” said Darryl. “At the same time, filtering of non-malicious requests means that your customers and employees can still use the intended site or server. In some cases, the attack can be resolved by virtually fencing off the ‘target’ machine.
“Crucially, the best providers ensure DDoS mitigation occurs on an automated basis. There’s no need for a technical member of staff to react or intervene, which means that an effective response is guaranteed any time of the day or night, without the need for alerting an on-call staff member or waiting for customers to notice — and complain.”
M247 is committed to managing DDoS attacks on your business, with the end result in many cases being complete elimination of risk. We provide a fully managed DDoS service, guarding against attacks big and small, that might last minutes or might last days, leaving you free to continue running your business with confidence.
For more information, speak to M247 today about DDoS mitigation. In an age of increasing cyber threat, it pays to have strong defences in place.