1.888.900.DRIZ (3749)
The Driz Group
  • Managed Services
    • Web Application Security >
      • Schedule WAF Demo
    • Virtual CISO
    • Compliance >
      • SOC1 & SOC2
      • GDPR
    • Third-Party Risk Management
    • Vulnerability Assessment >
      • Free Vulnerability Assessment
  • About us
    • Testimonials
    • Meet The Team
    • Resources
    • In the news
    • Careers
    • Subsidiaries
  • Contact
    • Newsletter
  • How WAF Works
  • Blog
  • Managed Services
    • Web Application Security >
      • Schedule WAF Demo
    • Virtual CISO
    • Compliance >
      • SOC1 & SOC2
      • GDPR
    • Third-Party Risk Management
    • Vulnerability Assessment >
      • Free Vulnerability Assessment
  • About us
    • Testimonials
    • Meet The Team
    • Resources
    • In the news
    • Careers
    • Subsidiaries
  • Contact
    • Newsletter
  • How WAF Works
  • Blog

Cybersecurity Blog

Thought leadership. Threat analysis. Cybersecurity news and alerts.

7/12/2018

0 Comments

DDoS Attacks: Protecting Your Business from Critical Disruption

 
GitHub DDoS attack

DDoS Attacks: Protecting Your Business from Critical Disruption

In March 2018, developer platform GitHub was struck by the most powerful DDoS (distributed denial-of-service) attack ever recorded.

How big? 1.35 terabits of traffic was hitting GitHubeach second.

Still, GitHub was not without its defenses.

Within 10 minutes of the attack starting, GitHub’s DDoS mitigation service stepped in to combat it. They routed all incoming and outgoing traffic and scrubbed data, blocking all malicious packets responsible.

Such decisive action paid off. The attack ended eight minutes after the service took over, and GitHub was able to get back on track after just five minutes of downtime.

If GitHub had been without such a fast, effective response, the outcome of the attack might have been much worse.

A DDoS attack is a fairly cold-blooded attempt to disrupt a server, service or network’s standard operation by bombarding it with excessive traffic.

They incorporate a number of compromised computer systems to mount the attack, essentially overwhelming the target system and affecting genuine traffic.

GitHub had been targeted before, with an attack lasting for six days in 2015.

A company or organization’s website can be severely affected by a DDoS attack, potentially costing them lots of money in lost business. In fact, the average cost of a DDoS attack for businesses rose to more than $2.5 millionin 2017.

Research highlights just how common DDoS disruptions are for many companies. A staggering 849 of 1,010 enterprises questioned had been hit by a DDoS attack. DDoS disruption was estimated to cost target businesses as much as $100,000 per hour.

These figures make for disturbing reading, especially for smaller companies on a much tighter budget than their larger competitors. Still, even for global corporations, the risk of a DDoS attack can be incredibly troubling: after all, they may have more to lose.

Effective cybersecurity and preparation have never been more vital. Every cent available must be channeled into reinforcing your business against potential threats.

Still, this is easier said than done: cybercrime and security can be daunting. To help you understand how best to defend yourself against DDoS attacks, we have explored some of the most effective options below:

Get to know the symptoms

Recognizing the signs of an incoming DDoS attack can make a significant difference to how you handle it.

There is no real warning for a DDoS attack, though. While some hackers may issue threats, there will generally be nothing other than the assault itself.

As you might not browse your own website much on a day to day basis, it may not be until customers begin complaining about its performance than the warning bells start to sound.

However, certain other clues will tip you off:

  • Your server delivers a 503 because of service outages
  • Your employees / colleagues may notice slowness or connectivity issues if you depend on the same system for your internal software
  • Excessive requests from one IP
  • Unusually large amounts of traffic without reason and at odd times

The earlier you’re able to spot the warning signs, the sooner you can start to act.

Have a plan

Every business should have a plan in place for a potential DDoS attack. Once you confirm that your system has been targeted, you can jump to your plan and follow it. Being prepared helps to reduce the likelihood of panic or making mistakes that exacerbate the disruption.

Make sure all key players from each department are alerted to the situation and understand how best to handle it at their end. If everyone can work together and focus on damage limitation, you’re more likely to come out of the DDoS attack with minimal impact.

Companies that have no preparations for dealing with such a situation could waste valuable time trying to make sense of it.

Know how to prioritize

You will only have limited access to your system during a DDoS attack. Make sure you focus on keeping the most high-value services and applications running to preserve as much ‘normal’ function as possible.

Again, this comes down to planning. You should have an immediate idea which areas can be let go and which must be the priority.

Pay attention to your network security

Conducting security audits on your network on a regular basis is an effective way to keep your system protected.

Take a close look at the strength of passwords (particularly for the most vulnerable areas), review which employees have access to key data, and run comprehensive checks on software. Do you have the most up to date versions? Have any known security risks come to light with an application you’re using?

A network security audit may not be enough in itself to defend your business against a DDoS attack, but it can play a large part in the process. Incorporate this into ongoing workplace routines: make sure it becomes a habit and is never overlooked.

Letting your system go without the proper audits and preparations can leave it vulnerable to attack. Being complacent and assuming your business will escape the attention of cybercriminals is never a smart move.

Turn to the professionals

Your system security is paramount to keeping your business up and running. Not only does your entire flow of service depend on effective protection, so too does your customers’ experience.

Lengthy downtime can leave buyers with little choice but to start looking elsewhere if you cannot meet their needs. On top of this, they may wonder how safe their personal and financial data are within your company.

Hiring a professional cybersecurity firmto defend your system against DDoS attacks can help to take the strain. You will be free to focus on other areas of running your business while the experts handle the heavy lifting.

Are you concerned about your company’s vulnerability to DDoS attacks? What steps have you taken to safeguard your system? Share your thoughts and ideas below and contact ustoday to protect your organization.

0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Author

    Steve E. Driz, I.S.P., ITCP

    Picture
    View my profile on LinkedIn

    Archives

    January 2023
    December 2022
    June 2022
    May 2022
    February 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    October 2016
    August 2016
    May 2016
    March 2016
    January 2016
    November 2015
    October 2015
    August 2015
    June 2015

    Categories

    All
    0-Day
    2FA
    Access Control
    Advanced Persistent Threat
    AI
    Artificial Intelligence
    ATP
    Awareness Training
    Botnet
    Bots
    Brute Force Attack
    CASL
    Cloud Security
    Compliance
    COVID 19
    COVID-19
    Cryptocurrency
    Cyber Attack
    Cyberattack Surface
    Cyber Awareness
    Cyber Espionage
    Cybersecurity
    Cyber Security
    Cyber Security Consulting
    Cyber Security Insurance
    Cyber Security Risk
    Cyber Security Threats
    Data Breach
    Data Governance
    Data Leak
    Data Leak Prevention
    DDoS
    Email Security
    Fraud
    GDPR
    Hacking
    IoT
    Malware
    MFA
    Microsoft Office
    Mobile Security
    Network Security Threats
    Phishing Attack
    Privacy
    Ransomware
    Remote Access
    SaaS Security
    Social Engineering
    Supply Chain Attack
    Supply-Chain Attack
    Third-Party Risk
    Virtual CISO
    Vulnerability
    Vulnerability Assessment
    Web Applcation Security
    Web-applcation-security
    Web Application Firewall
    Web Application Protection
    Web Application Security
    Web Protection
    Windows Security
    Zero Trust

    RSS Feed

Picture

1.888.900.DRIZ (3749)

Managed Services

Picture
Web Application Security
​Virtual CISO
Compliance
​Vulnerability Assessment
Free Vulnerability Assessment
Privacy Policy | CASL

About us

Picture
Testimonials
​Meet the Team
​Subsidiaries
​Contact us
​Blog
​
Jobs

Resources & Tools

Picture
​Incident Management Playbook
Sophos authorized partner logo
Picture
© 2023 Driz Group Inc. All rights reserved.
Photo used under Creative Commons from GotCredit