In its latest Q3 2016 State of the Internet Security Report, Akamai, a leader in Content Delivery Network (CDN) services, documented exponential growth in the number of DDoS attacks, recording a 71% increase compared to the previous year.
Not only an increase in number but also in magnitude: DDoS attacks exceeding 100 Gbps were more than double (+138%) – two of which were record-breaking and caused by the Mirai botnet. Just one of these attacks is enough to jeopardize a company’s future: from losses in terms of conversions, which can easily reach double-digit negative percentages, to losses caused by damage to reputation and loss of user trust.
“The clandestine organizations behind DDoS attacks have ensured that anyone, even without technical skills, can launch a DDoS attack. These “hired” hacking services have massified DDoS attacks to the point where an attacker doesn’t even need to probe or know their target’s vulnerabilities in advance. The malicious actor can simply turn to the black market to exploit “DDoS-as-a-Service” platforms on booter and stresser sites, which anyone can easily find on the internet, at a surprisingly low price.” says Alessandro Livrea, country manager of Akamai Italia. “Consequently, the best defense consists of preparation and sharing clear, organized communications with all stakeholders in the DDoS attack mitigation process.”.
Thanks to its extensive experience in DDoS attack mitigation – over 4,500 in the third quarter of 2016 alone – Akamai outlines some strategies that companies can implement for effective defense..
- Think like a DDoS attacker
People who carry out these attacks share some typical behaviors. They usually change their attack vector if they realize their attempts are being blocked, or they switch to easier targets if they encounter defenses that are too robust. By thinking like the attackers, it’s possible to prepare plans for all possible types of attacks and understand all available mitigation options.
- Add DDoS attack mitigation to your incident response plan
Many companies have integrated DDoS attack mitigation into their disaster recovery plans. However, the term “disaster” suggests a threat to business continuity that is unforeseen or accidental. DDoS attacks, on the other hand, are deliberate and targeted events that occur on a daily basis. For this reason, it is essential to have a preparation plan to respond calmly and promptly and minimize potential operational and financial damage.
- Multiple layers of protection, a single effective line of defense
The types, methods, and techniques of attack are constantly evolving, and DDoS attacks often reach volumes that conventional security systems can no longer counteract. An effective defense strategy must involve a multi-layered security approach: one layer dedicated to protection against network-level attacks, another for defense against application-level attacks, and yet another specifically for maintaining DNS infrastructure and protecting all services in the data center. These “layers” must work together to form a deep, 360-degree defense that provides comprehensive protection against a wide range of DDoS threats.
- Develop a DDoS attack mitigation playbook
After developing a robust mitigation plan, put it in writing, creating a sort of playbook. It’s useful to conduct a simulated DDoS attack, so to speak, “at blank fire,” which doesn’t make real changes to the network but helps managers identify the best way to handle internal and external communications in the event of a DDoS attack. Following this exercise, it will be possible to develop optimizations to ensure a rapid, repeatable, and predictable action plan.
- Communicate with your DDoS attack mitigation service provider
Use a cybersecurity service provider and maintain constant communication. Ask many questions. A good service provider will have best practices for infrastructure detection, so you will be informed of any security gaps, routing flaws, network vulnerabilities you may have missed, and more. Establish this dialogue before a DDoS emergency occurs so you are well-prepared to defend your network without panicking.
- Develop skills internally as well
It is also important for companies to develop their own skills in managing DDoS attacks, for the purpose of fruitful exchange with partner companies’ security specialists. Through daily monitoring, third-party vendor security experts are always up-to-date. This is especially because they analyze trends and can detect DDoS attacks faster and thus repel them more efficiently. This knowledge helps companies realistically assess current security threats and consider whether their defenses can withstand current threats.
“Be prepared” is a classic motto, absolutely relevant today for any online company. The best defense against cyber threats is preparation: when all members of an organization, not just IT staff, understand what it truly means to suffer a DDoS attack before being hit, they will be able to face a real attack with greater security, control, and calm. Consequently, the DDoS attack mitigation process will proceed more smoothly, and normal operations will be restored more quickly.
Pubblicato in Guides & Tutorials
Be the first to comment