With the Trump Hotels becoming the latest victim of several targeted DDoS attacks (Distributed Denial of Service) it seems that 2017 will be littered with similar incidents as businesses struggle to protect themselves from increasingly sophisticated and organized hackers.
What’s A DDoS?
A DDoS attack is characterized by the hacker flooding the target with mass amounts of traffic from various sources that cause the service to be suspended and prevents the business from carrying out their practices. A DDoS attack can sometimes be an opening foray or a red herring to act as a diversion before a more compromising attack is unleashed.
A good analogy of a DDoS attack is a shop doorway being crammed with people to prevent legitimate customers gaining access. However, this is a simplistic evaluation of the malicious approach and there are more complex DDoS attacks with specific intentions and points of entry. The motivation for these acts is often driven by revenge from an individual group with a grudge or activists with a cause, although blackmail can also be a motivating factor.
Deloitte, a leading multinational professional services firm, predicts that 2017 will be a year of crisis for DDoS attacks with the expected number of strikes expected to reach 10 million, so appropriate protection for all sizes of businesses is paramount.
Protection
[pullquote]For any scale of operation with a website, there is a risk that your services will be targeted and disrupted through a DDoS attack and it’s essential that pre-emptive measures are taken to ensure protection is at a maximum.[/pullquote] Although hackers can be determined in their efforts, they are likely to select a softer target if they discover numerous and resilient barriers stand in their way, so in many ways protection is about presenting a system that is more unyielding and purposeful than the next guy.
The prudent initial step in ensuring protection is to call in the experts to construct a unique toolset and defensive strategy tailor-made to your system. The next step is to plan recovery strategies that present a solution to systems being unavailable for any period of time and physically test your protocols to make sure you’re ready for when the attack comes. There are more merciless and damaging forms of attack than DDoS, but it’s a hacking attempt that can cause a fundamental destruction of customer loyalty and result in the loss of crucial business and trading opportunities.
Performing updates and reviews is always essential to make sure you’re using all the possible enhancements that are available to remain one step ahead of the hackers. The usual advice is still pertinent, as human error or simple laziness is regularly the factor that lets hackers gain easy access, so make sure that passwords are being regularly changed and best security practices are actually being followed.
It’s not all bad news, as experts have generally been successful in keeping pace with the developments of hackers producing tools to implement DDoS attacks and although the threat is on the rise, there is no reason to doubt that the security experts won’t be equal to the challenge.
COMMENTS