Last year, a quarter of UK businesses were the victim of DDoS attacks, with retail, banking, media and the public sector being prime targets. As the sophistication of these attacks increases, IT departments need to raise the stakes if they are to mitigate the risk.
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks have been the weapon of choice for criminals, activists or disgruntled individuals for a number of years. However, in 2015, the number and complexity of these attacks hit an all-time high.
DDoS attacks are designed to prevent legitimate users from accessing critical online services. Intended to either flood an Internet connection with fake requests or crash the service entirely, they can cause damage ranging from slow systems performance to total loss of internet connectivity, the inability to access a specific website or a massive influx of spam.
When an organisation falls victim to a DDoS attack, the users are the first to suffer. Customer complaints jump by 50%, putting unexpected pressure on contact centre resources. On average, it takes 12 hours to recover from a DDoS attack, with two-thirds of businesses losing a full working day. In the worst cases, persistent DDoS attacks can result in extended periods of downtime and cost businesses millions in lost revenues but above all damage an organisation’s reputation.
Complex DDoS attacks incorporate more than just brute force techniques; they leverage both the volumetric and application layer to target vulnerable parts of your website or critical infrastructure. Botnets, spoofing and multi-vector attacks have now become better at avoiding traditional DDoS countermeasures.
So, how can you protect your organisation from a DDoS attack?
Don’t wait to become the next victim. There are various simple solutions that can proactively mitigate risk and protect your organisation’s reputation. According to BT research, even though two-thirds of major UK organisations have a DDoS response plan in place, many remain vulnerable because they do not adopt a proactive approach. Of the remaining one-third who do not have a DDOS response plan in place, they are most at risk.
Firewalls and intrusion protection systems (IPS) can only do so much and can actually contribute to poor performance by creating traffic bottlenecks or returning false positives to legitimate traffic during busy periods.
Traditional network security measures aren’t designed with DDoS in mind, but have been used as a make-shift solution in the past. DDoS mitigation involves routing traffic through a purpose-built platform, designed to analyse traffic in real-time. When an attack is detected, “bad traffic” is filtered out and “good traffic” is routed to the network, minimising the impact of the attack.
When it comes to DDoS mitigation, it is advisable to talk to a service provider with proven experience in network and cyber security – one with access to the size and scalability of resource required to provide a robust solution.
Through our partnership with BT, ONI can deploy industry-leading DDoS detection and mitigation technology to protect against a full range of DDoS attacks.
In addition all of our services are provided over market leading internet connectivity with security accreditation and a 100% target SLA.
To find out how ONI and BT are working together to protect organisations from DDoS, call us on 01582 211530, email firstname.lastname@example.org or submit a contact form and an ONI representative will be in touch with you shortly.