With DDoS (Distributed Denial of Service) attacks occurring at a greater frequency and with a higher level of sophistication, companies are ratcheting up their knowledge of what they are, how they occur and how they can defend against them. In our recent webinar, The Ultimate DDoS Info Session, HOSTING teamed up with DOSarrest to provide an essential overview of DDoS attacks. Missed it? You can view the on-demand version here. We’ve also included some key takeaways below.
DDoS Attack Defined
DDoS is an attack method used by outside parties to deny access for legitimate users of online service such as online banking, e-commerce and Software as a Service (SaaS). As Jag Bains, CTO of DOSarrest, succinctly put it, “Anything that needs to be on the Internet can be a target for a DDoS attack.” Websites are a preferred target since they provide the most engagement with an organization’s customers, partners, subscribers and followers.
A DDoS attack should not be confused with hacking or data theft where the intent is to access data or other online assets. Rather, it is an attempt to bring a website down. If successful, a DDoS attack can impact the following:
- Search Engine Optimization (SEO)
If an organization’s site is down for an extended period of time, it will have a negative impact on its search engine optimization (SEO). Site uptime is a critical factor for Yahoo! and Google rankings. It’s not unusual for a site that had been listed at the top of a search page to fall to the second page or lower after a DDoS attack.
- Brand reputation and loss of revenue
Any site that’s down for an extended period of time will cause potential customers to lose patience – and interest in a company. And all it takes is one click for them to take their wallets to a competing site. Estimates from technology research firms Forrester, IDC and the Yankee Group predict the cost of a 24-hour outage for a large e-commerce company would approach US$30 million.
- Operational focus
In-house IT teams are already juggling dual roles of maintaining an organization’s legacy systems while also supporting an organization’s strategic business initiatives. Dealing with a down website due to a DDoS attack takes them away from these critical responsibilities.
How a DDoS Attack Works
Very simply – an attacker uses a significant amount of computing resources, which they either built themselves (there are plenty of tools available online through a Google search,) or by compromising vulnerable third-party PCs to send bogus traffic to a site. This often involves many knowing and unknowing participants on a global level. If the attacker sends enough traffic to a site, legitimate users can’t access it.
Common Targets for DDoS Attacks
E-commerce sites are a common target for attackers. However, any site can be a target, such as one for a political candidate or a nonprofit fundraising campaign. Attackers’ motivations for shutting down a website cover the gamut; extortion, activism or competitive brand damage are just a few of them.
One of the most common targets for DDoS attack is an application attack on an organization’s web server. An attack can be done easily – using just a few network packets. Bogus traffic can be interspersed with regular traffic, making the attack harder to identify. A recent report by global technology research firm Gartner indicates that web server attacks are the fastest growing attack vector. And according to Jag Bains, DOSarrest is seeing a 60% year-over-year increase in their occurrence.
DDoS and the Cloud
Given the constant changing threat imposed by a DDoS attack and the amount of network bandwidth required to survive one, organizations often find that they are ill-equipped to adequately defend against a DDoS attack using internal resources. For that reason, forward- thinking organizations are looking towards cloud providers to host their web based content and protect against the inevitable DDoS attack.
Cloud providers such as HOSTING are experts at providing DDoS defense from the cloud. Our security experts can leverage massive amounts of network bandwidth and DDoS migration capacity at multiple sites that can take in any type of network traffic. Through our partnership with DOSarrest, we monitor the latest threats and leverage proprietary technology to defend against attacks. Unlike hardware solutions, HOSTING cloud solutions are scalable, flexible and cost-effective.
HOSTING’s DDoS solutions can be purchased in advance as a subscription for proactive protection or in a reactive fashion as the result of an actual attack. Given the fact that there has been a 47% increase in the frequency of DDoS attacks from last year, it makes sense for organizations to consider proactive defense measures.
Protecting Your Organization
To find out more about how HOSTING and DOSarrest can protect your mission critical infrastructure from a DDoS attack, reach out to your HOSTING sales representative or contact me directly.