On average, 28 DDOS attacks occur every hour. This represents a 240 percent increase year-over-year, so these attacks aren’t something to be ignored. The key to surviving such an attack unscathed is to establish clear plans and test those plans before an actual attack occurs. Here’s what your IT service desk needs to know about thwarting a DDOS attack.
Why Systems Fall Under Attack
There are several types of groups that typically launch DDOS attacks. One group is hackers, who generally have no particular malice against the business, but simply get a thrill out of shutting down websites. The second group is competitors — other businesses that try to knock out your online services in an attempt to gain a competitive edge.
The third type is hacktivists. These hackers aren’t just in it for mischief; they are launching attacks to further their own personal causes. Examples of hacktivists are hackers who go after businesses that they believe are damaging the environment or perhaps selling goods made in sweatshops. The final group — which is becoming increasingly prevalent — is extortionists. These people attempt to collect a ransom from the business and promise not to launch the attack if the ransom is paid.
It is recommended that businesses never pay such a ransom. First, there is no guarantee that paying the ransom will indeed stop the attack. Second, once a business expresses a willingness to pay the ransom, the extortionists often increase the amount they are demanding. Finally, paying the ransom encourages them to target your business again in the future.
Types of DDOS
There are three basic types of DDOS attacks: those that attempt to clog the network with an excessive amount of traffic, protocol attacks that consume the resources of the system thereby denying service to legitimate users, and attacks that overload the resources on which necessary applications are running. About 80 percent of all DDOS attacks use some combination of these three types of attacks.
Typically, attackers target some combination of these important components of the system infrastructure:
- Web servers
- Electronic banking platform
- File servers
- VoIP systems
- Email servers
- DNS servers
Generating a Plan to Protect the Business from DDOS Attacks
Part of your overall IT service management system should be a DDOS attack response plan. Designate a response team to be in charge of identifying and responding to an attack. The team needs to coordinate with your Internet service providers, cloud vendors, and other third-party services to establish a response plan. The plan should include a risk assessment, outlining what resources are needed to respond to an attack.
After developing a response plan, it is important to test that plan thoroughly and regularly. Plan to launch your own DDOS attack against your systems at least once per fiscal quarter (about four times per year). Test attacks should last one to two hours. Follow the test with an analysis of how well you did, what response times you achieved, and what could be improved upon. Be sure to notify your Internet provider and any vendors involved in the response plan before testing so that they know the influx of traffic is a test and not a real attack.
A good ITSM solution can help you identify risks and attacks early for the best possible outcome.