By Indusface Research Team

Year’s biggest e-shopping season around the corner; Beware of DDoS Attack

With the festive season begun, businesses are geared up with deals and attractive promotional offers to attract customers to their websites and rake in some moolah.  But what would happen if suddenly you see a lot of traffic coming to your website? You might mistake it for a lot of customer visits, but your security vendor will know that you are under a DDoS attack, that is if you have a security vendor, which I hope for your sake, you do. Distributed Denial of Service or DDoS attacks have become very common now-a-days but unlike the normal attacks/hacks done many a times for fun, these have a purpose. DDoS attacks are done with the sole intention of harming the reputation and business of a website, and can be driven by any of these motives. Financially driven to extort money, politically driven to defame the brand or business driven to stop legitimate customers from reaching the website. Whatever be the reasons, DDoS attackers mean business, and every minute of downtime of your website, costs you dearly.

Cost of a DDoS Attack

According to industry sources, a DDoS attack is not detected up until 4 to 5 hrs. of its commencement, and another 5 hours or more passes before the mitigation starts. This means it is almost 10 hours after an attack that the mitigation starts. An immense amount of financial and brand damage is done to any business in this time. Studies have proven that DDoS attacks result in some of the most expensive outages. DDoS-spurred outages cost an average of $822,000 to mitigate, which is second only to the $959,000 it cost to fix outages caused by IT equipment failure.

With so much at stake, one would assume that organizations are actively going for DDoS mitigation solutions but surprisingly, only 1/4th of organizations use mitigation solutions. Mostly businesses are relying on traditional and perimeter defenses for protection but these can prevent attacks only at Layer 3 and that too mostly only to a certain effect.  High volume DDoS attacks, which are now the norm, can easily overpower the traditional defenses, and further multiply the effect of DDoS attack by bottlenecking the traffic.

Attention needs to be placed to the attacks being targeted at the application layer.

Features to look for in a DDoS Mitigation Provider

DDoS attacks have become more sophisticated and persistent in nature. The attackers do not stop with one failed attempt but continue looking for weak points to exploit and attack. This advanced approach of attacks calls for solutions which perform continuous monitoring and real-time traffic analysis and DDoS mitigation teams which respond in real-time.

Automated DDoS mitigation solutions cannot fulfill the purpose of complete protection against these attacks. Application Layer DDoS mitigation cannot be automated, and one cannot rely solely on automated rules/processes for mitigation. When it comes to application DDoS Mitigation, one-size-fits-all approach is a death trap for security world. The solution needs to be customized according to the business and should have security teams who develop/refine real-time application specific custom rules to mitigate the attack and protect the application.

An always-on approach is best to be followed when going for a DDoS solution provider, as this would mean that the solution is integrated with your system and is continuously scanning your traffic, and in event of a DDoS attack, will know it immediately. This also reduces the response time significantly between the attack being found and mitigation started. A robust DDoS mitigation provider should be able to detect the early warnings of an attack and start acting on it. They should also be able to customize the solution depending on the website and traffic pattern of your website.

During and after the attack, the solution provider should be able to give you a detailed report on the attack, the steps taken and a portal for monitoring the activities.

You should also calculate the total cost of ownership the solution is providing. After all, it is not necessary that you should be paying through your teeth for a good DDoS mitigation solution provider.

Founder & Chief Marketing Officer, Indusface

Venky has played multiple roles within Indusface for the past 6 years. Prior to this, as the CTO @indusface, Venky built the product/service offering and technology team from scratch, and grew it from ideation to getting initial customers with a proven/validated business model poised for scale. Before joining Indusface, Venky had 10+ years of experience in security industry and had held various mgmt/leadership roles in Product Development, Professional Services and Sales @Entrust.