Nov. 21, 2013

Safeguarding Your Company's Site from DDoS Attacks

Distributed denial of service (DDoS) attacks are a clear and present danger to businesses, and no business is technically immune to this type of cybercrime. It can affect huge multinational corporations as well as small mom-and-pop company websites.

That’s why companies with a web presence need to ensure they understand what a DDoS attack is and know how to prevent or mitigate one. The first is relatively easy; the second is much more complicated, especially if you don’t have staff experts or a reliable partner to help thwart an attack.

What Is a DDoS Attack?

Let’s start with a very simple example. To use the clichéd metaphor of the Internet as the information superhighway, think of access to your website as a freeway on-ramp. During “noncommute” hours, there is a regular flow of traffic. As “rush hour” begins, traffic starts to build up but is potentially metered by traffic lights or additional access lanes.

Then, all of a sudden, a huge convoy gets directed to the on-ramp. The normal flow of traffic becomes clogged. People simply cannot access the on-ramp, so they try a different route, which in turn stops up. This is essentially what a DDoS attack looks like on your network.

There are some general characteristics of a DDoS attack: Networks become saturated with traffic coming from a single source or multiple sources (depending on the DDoS type); machines and networks frequently become unresponsive and overloaded because of the increased traffic; and legitimate (user) traffic becomes blocked, either as a result of the DDoS attack or because of mitigation services trying to slow down or stop the attack.
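The single-source and multiple-source saturation described above can be told apart in request logs. The following is an added example, not part of the original article: the event data is constructed, and the thresholds and function names are illustrative assumptions.

```python
from collections import Counter, defaultdict

def build_events():
    """Constructed sample: (second, source_ip) request events, not real traffic."""
    events = []
    for t in range(20):                      # baseline: 5 clients, 2 req/s each
        for c in range(5):
            events += [(t, f"198.51.100.{c}")] * 2
    for t in range(10, 15):                  # one source sending 200 req/s
        events += [(t, "203.0.113.7")] * 200
    for t in range(15, 20):                  # 300 sources sending 1 req/s each
        events += [(t, f"10.9.{i // 250}.{i % 250}") for i in range(300)]
    return events

def per_second(events):
    """Group events into {second: Counter(source_ip -> request count)}."""
    buckets = defaultdict(Counter)
    for t, ip in events:
        buckets[t][ip] += 1
    return buckets

def classify(events, per_source_limit=50, surge_factor=5, baseline_seconds=10):
    """Label each second as normal, single-source or distributed.
    Thresholds are illustrative assumptions, not recommended values."""
    buckets = per_second(events)
    baseline = sum(sum(buckets[t].values()) for t in range(baseline_seconds)) / baseline_seconds
    labels = {}
    for t in sorted(buckets):
        total = sum(buckets[t].values())
        busiest = max(buckets[t].values(), default=0)
        if busiest > per_source_limit:
            labels[t] = "single-source"      # one address dominates the traffic
        elif total > surge_factor * baseline:
            labels[t] = "distributed"        # no address stands out, total does
        else:
            labels[t] = "normal"
    return labels

def sources_over_limit(events, per_source_limit=50):
    """Addresses that a per-source rate limit alone would act on."""
    return {ip for counts in per_second(events).values()
            for ip, n in counts.items() if n > per_source_limit}

if __name__ == "__main__":
    sample = build_events()
    print(classify(sample))
    print(sources_over_limit(sample))
```

A per-source limit only catches the single flooding address; the distributed surge shows up only when the aggregate rate is compared with the baseline.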

The InfoSec Institute breaks down DDoS attacks into three main categories:

  1. Protocol: attacks against load balancers, firewalls and other appliances
  2. Volume: attacks designed to saturate bandwidth
  3. Application layer: attacks targeted at the HTTP, web application and/or web-services layer

According to an Incapsula blog post, as sophistication has increased, cybercriminals have been turning toward mixtures of these types of attacks to do real damage.

Who Is a Target for DDoS Attacks?

Any website, large or small, can become the target of a DDoS attack. Smaller company websites can be attacked because of a disgruntled customer or former employee, as a practice session for hackers, or even “just for fun.” But the DDoS attacks that we typically hear about have some things in common.

Primary DDoS targets frequently fall into the following categories:

  • High-profile institutions
  • Government
  • Controversial businesses
  • Financial institutions
  • Law enforcement

DDoS attacks can often be the result of a news event or a public disclosure of some sort. Attacks are online responses to some kind of activity or action by the targeted organization. As stated earlier, attacks are typically more sophisticated and powerful with these larger companies, meaning the companies will need to have more powerful and sophisticated DDoS prevention and mitigation services in place.

How Do You Prevent DDoS Attacks?

It’s often next to impossible to prevent a DDoS attack against your company website. You never know when one is going to hit or what type of attack it will be. A good rule of thumb is to assume that you cannot defend against a DDoS attack all by yourself. Identifying and mitigating an attack requires having a lot of intelligent resources (both people and technology) at your disposal.

Assuming that your organization is not ready to prevent or mitigate an attack, your best solution is to use a hosting provider who either has robust DDoS prevention and security services or partners with a provider whose primary service is stopping and recovering from DDoS attacks. As a business, you need to first decide whether your company is concerned about these types of attacks. Then, you need to determine whether you can invest time, money and resources in preventing the attacks.

In terms of DDoS protection, there are varying levels of prevention and recovery. Some partners or providers may be solely focused on network-level attacks, which means that you need your own internal engineers to re-architect the network to ensure that DDoS attacks cannot affect the web-services level. Other partners or providers may be able to help with all three levels of DDoS attacks (protocol, volume-based and application layer). Larger corporations may need to have the highest level of sophistication possible in order to prevent blended DDoS attacks.

Keep the Internet Traffic Flowing

One way or another, DDoS mitigation and prevention must be a top item of discussion when choosing where to host your company’s infrastructure. If you are with a hosting provider or looking for a new one, spend some time analyzing their services and understanding what they can or cannot provide. Lunarpages employs DDoS mitigation appliances in its environments to filter malicious activity and differentiate good traffic from bad traffic.

By planning ahead for DDoS attacks, organizations can prevent customers from being slowed down, stopped or diverted elsewhere as they head to the company's digital storefront.


ABOUT THIS CONTRIBUTOR
Michael Sheehan is a technology expert with a passion and expertise for cloud computing, enterprise IT and gadgets.