DDoS attacks, also known as distributed denial of service, are a disruptive force for businesses who depend on their website for sales and customer acquisition. The trend continues: according to Prolexic, the second quarter of 2013 saw a 20 percent rise in DDoS attacks. What’s even more concerning is that attack strength and the duration of attacks have also increased, with the average packet per second (pps) jumping a whopping 46%.
If there was a time to start thinking about the effect a DDoS attack can have on your organization, now is the time. There are many reasons for the increase, but perhaps the most notable is how quickly botnets are spreading, and becoming more sophisticated. There hasn’t been much unified defense going into protection systems for old networks and unsecured servers. This has allowed attackers to quickly build new botnets as old ones are discovered and dismantled. It truly is a never-ending game. As botnets are taken down, more are being built in their place.
Bot herders (people who control bots) are renting out their services. We’ve reached a point where you can literally rent a botnet for a few hours. Not only are they being used for spam, but they’re being used for DDOS, to mine bitcoins and to further spread malware; giving people the ability to begin spreading their own rootkits, or simply to build a larger botnet.
And the people behind the threat are becoming increasingly more brazen about their exploits. A perfect example: this Forbes article called Confessions of a Botnet Herder.
What You Can Do To Protect Yourself From DDoS Attacks
1) Understand that you are vulnerable.
A DDoS attack can come at anytime. There are no fair warnings, and there is no way to know when you will be targeted (or if). If you work in the financial or gaming industry, or have a popular site that you depend on to service customers, you need to have procedures in place to cut these attacks off when they come.
2) Determine your risk level.
Depending on your industry, you may (or may not) need a high level of protection. How you decide to protect your business from DDoS attacks depends on the volume of DDoS attacks you normally experience. Does your business face attacks that continue for long periods? Does your website receive DDOS attacks that are extremely strong? What industry do you operate in?
All of these questions are important to answer and understand so you can determine what type of DDoS attack protection to choose.
3) Know your budget.
This continues off the last point: if you face large attacks that vary in duration, you’ll likely need enterprise level DDoS protection that comes with a strong SLA. With this type of plan you will be protected from all types of DDoS attacks and your mitigation provider will not null route your site if due to a large attack. The drawback to this level of protection is that it is expensive and requires a contract (normally).
A more budget-friendly type of DDoS protection is also available and typically comes with a variety of protection levels that guarantee protection up to a certain point. If, for example, you typically deal with DDoS attacks that measure from 2Gbps – 10Gbps, you would probably be better off choosing this type of plan. Keep in mind that if an attack went above your protection level your site would not be protection.
4) Get to know your ISP.
The more upstream friends you can make, the better. If your business deals with DDOS attacks on a routine basis, you’ll have a much easier time defending against them if you have someone you can speak with directly at your ISP. They will be able to give you insight into the types of DDoS attacks you are facing, and from there you’ll have an easier time describing the problem to a mitigation specialist.
5) Partner with a DDOS mitigation company.
Even if you do not require actual DDoS protection, it’s a safe bet to get in touch with a company in advance. Think of it like insurance. If you build relationships in advance (and a plan), you’ll be able to quickly respond to a DDoS attack should it happen.