Thought leadership. threat analysis, news and alerts.
Study Reveals Canadian Companies View Cybersecurity as Top Priority
According to a recent study, effective cybersecurity is a top priorityfor most Canadian organizations.
This is no surprise, considering the rise of DDoS, ransomware and other online threats in 2018. In Canada and the United States, cybersecurity has continued to make headlines, leading to wider awareness of the risks among businesses.
For example, DraftKings has finally been granted the legal right to unmask the individuals behind a DDoS attackon the company. The fantasy / sports betting brand’s operations were disrupted by the assault on August 8, which caused the website to actually go offline for 26 minutes.
DraftKings managed to trace the DDoS attack and sought a subpoena to get the relevant ISPs to uncover the identities of those involved. Though DraftKings may not have suffered a huge amount of damage or loss of business, the company’s commitment to finding out exactly who initiated the attack could inspire more brands to essentially go on the offensive following an attack.
Businesses and organizations of all sizes must take steps to protect themselves and their clients from any cybersecurity risks, and it’s a pressing concern for most Canadian firms. The survey found more and more are extra vigilant, seeking effective safeguards against DDoS, ransomware and email threats.
Almost six out of 10 businesses questioned claimed email security was a key focus, while defenses against ransomware and intrusions came hot on its heels. Cloud-based storage and productivity / collaboration tools are now common fixtures for many businesses, and due caution when using these is critical.
The Repercussions of Security Breaches
Companies may find the prospect of protecting themselves from attacks daunting, especially as DDoS attackers have grown more bold. Attacks can have a serious impact on a business’s processes: i they can’t provide the services their clients expect, their income could be affected and their reputation may be damaged in the long term.
Why? Because existing and potential customers will wonder how seriously said business takes their security. They might also wonder if the company is taking due care of their own details too. If in doubt, there are sure to be other businesses offering the same services or products out there.
Basically, DDoS attacks involve launching a bombardment of traffic against a specific IP address and genuine users trying to access the targeted website will struggle to get through. This problematic traffic is created by multiple sources, which makes blocking DDoS assaults outright more difficult than malicious activities originating from a single source.
Earlier in the year, GitHub — a well-known code repository — was subject to a major DDoS attackthat made headlines. The site was taken offline due to a 1.3Tbps (terabits per second) assault, which was the most powerful to be recorded at the time.
GitHub became aware of an issue due to outages, and called for assistance from its DDoS mitigation specialists. All incoming traffic was channeled to scrubbing centers and malicious packets were blocked effectively. Fortunately for GitHub, the attackers ceased their malicious activities after eight minutes.
Before this, another company — Dyn — was targeted in a 1.2Tbps assault in 2016. This struck in multiple sessions. The first started first thing in the morning and lasted around two hours before being stopped, while the second came later on. A third assault was launched in the late afternoon.
During these waves of DDoS attacks, Dyn saw its internet directory servers disrupted by a powerful load of requests from millions of IP addresses. This was a serious incident that had been planned with great care for maximum impact.
Taking Steps to Maximize Safety
Cybercriminals are developing increasingly sophisticated ways to disrupt and attack targets, but having an effective cybersecurity plan in place can help you to stay protected.
Below, we look at just a few of the ways you can stop a DDoS attack and potentially minimize the damage it may cause.
Spot the attack ASAP
Being able to identify when your website is under attack can help you prevent a DDoS disaster.
Problems affecting your site are an obvious indication of impending issues, and its worth getting to know what your inbound traffic patterns tend to be at different times. For example, if you can be sure your traffic tends to spike on a Saturday afternoon and a Sunday morning, any rush of traffic on a weekday could be a warning sign.
Of course, you have to be able to eliminate any potential reasons for this before panicking. A sale, large discounts or an improved marketing strategy could all lead to unexpected increases in your traffic. It sounds obvious, but is well worth bearing in mind to avoid false alarms.
Invest in more bandwidth
Another effective step to protect your business from DDoS attacks is to increase your bandwidth. Having access to more than you think you’re likely to need for everyday operations can help you accommodate larger traffic surges and shifting traffic patterns.
While this may not be viable for smaller companies on a tight budget, it could be a worthwhile option even if the bandwidth is only adjusted a little.
Making changes to your working processes and set-up gradually can help to protect you with minimal disruption, but the increase in DDoS attacks in the past couple of years demonstrates just how vital proper defenses are. Companies have to to take effective steps to ensure they remain safeguarded as attackers continue to advance their methods.
Working with professional cybersecurity specialists with years of experience helping companies across various sectors can help you stay safe. Our Automated DDoS Mitigation service provides guaranteed DDoS attack protection, with no hardware or software to buy. This service is powered by our partner’s innovative technology and includes a high-powered CDN to increase your domain’s performance by as much as 50 percent.
Want to discuss how we can help protect your business from DDoS attacks? Please don’t hesitate to get in touch. Our team is here to answer any questions you may have.
Steve E. Driz, I.S.P., ITCP