Network Security Concern for Your Business (Part 4): Denial of Service

IMG_0764While you spend considerable resources to attract more visitors to your website, it’s important to remember that attackers can paralyze your site by flooding it with unwanted traffic from hundreds of thousands of sources.

This type of attack is almost always perpetrated by botnets (a global army of infected computers and internet connections), thus making it impossible for you to identify any individual IP address as the source of the problem. The term “Distributed Denial of Service” (DDoS) is usually applied to such attacks.

Let’s dig deeper and also see how IT outsourcing could solve threats and issues:

DDoS is a Growing Threat:

According to Digital Attack Map, one-third of current downtime events are now caused by DDoS attacks. Because smaller, independent sites lack the redundant infrastructure needed to handle an overflow of traffic, they are uniquely vulnerable to such attacks.

Furthermore, DDoS botnets are now for sale on the black market at a surprisingly low cost; for $150, an attacker can buy access to a botnet that will knock a smaller site offline for an entire week. While banks, casinos and retail outlets have often been DDoS targets in the past, these attacks are becoming increasingly common as a form of political protest.

How DDoS Attacks Affect Your Business:

There are many types of DDoS attacks, making it difficult to readily detect their presence. Here are three of the most common types:

  • Bandwidth attacks: Your site is flooded with random junk data, overloading your servers and equipment.
  • Traffic attacks: These attacks mimic legitimate user requests from your site, sending an overwhelming volume of TCP, UDP and ICPM packets. This type of attack may be paired with malware exploitation, distracting your attention while your information is being stolen.
  • Application-layer attacks: Your application-layer resources are depleted, rendering your system services unavailable.

How You Can Prevent DDoS Attacks:

Since DDoS attacks can take a number of forms, you have to protect your system across a wide range of vulnerabilities; however, no single form of protection will be 100-percent reliable. Here are some of the steps involved in creating a solution tailored to your individual situation:

Buy More Bandwidth:

By adding servers distributed among more data centers, your site can better handle a traffic overload. This can be costly, however, and is not helpful in addressing application layer attacks.

Cache Your Servers:

As an interim measure, it might help to create a plan in which your dynamic resources can temporarily be replaced by static ones in the event of an attack.

Protect Your DNS:

Your DNS server is a critical element in your network and should be secured with a load-balancing solution. It’s also important to build in some redundancy and to explore enhanced DNS-protection options.

Use Content Delivery Networks (CDNs):

Having the capacity to serve files to users from distributed sources is a useful (although incomplete) solution. It’s likely you won’t utilize the CDN for every page of your site, and a DDoS that requests a different page will go straight to your organization. Also, CDNs aren’t helpful against an application-layer attack.

Set Up a Good Firewall:

Although the migration to cloud storage has blurred the existence of clear perimeters in today’s online world, effective firewalls are still an important component of protecting against DDoS attacks.

Deploy A Flow Analytics Device:

This technology analyzes your site’s traffic stream and can redirect bad traffic to a mitigation device. These detection solutions can be effective but may involve a time delay.

Hire An IT Outsourcing Company to Manage it for You:

Combining the right package of prevention measures is the only way to protect your Oklahoma City business against DDoS attacks. To learn more, send us a message or contact us at (405) 242-0171 to schedule a meeting.