Avoiding DDoS Disasters

Distributed denial-of-service (DDoS) attacks crop up in the news time and time again. In fact, 2016 was unofficially dubbed the year of DDoS (whereas 2017 has become the year of ransomware).

For those who are unfamiliar with the concept, a DDoS attack is an artificial influx of web traffic - so much traffic that the target website or service crashes, thereby preventing access for legitimate visitors. How do hackers conjure up this bogus web traffic? By infecting computers and devices with malware which can then be remotely used to carry out the demands of a cybercriminal.

Hackers love DDoS because it is highly effective, easy to deploy and can be launched from outside of a network. These kinds of attacks can be launched by low-level hackers (also known as script kiddies), top-notch cybercriminals and everyone in between.

Thankfully, cyberattack insurance from CyberPolicy can improve your organization's chances of surviving such an attack.

DDoS 101
So just how destructive is DDoS exactly? Below are a few instances of how an attack of this kind can negatively impact your business.

  • A well-timed DDoS attack on an e-commerce site can stymie thousands of dollars in sales.
  • Hacktivists (a portmanteau of 'hacker' and 'activists') can launch DDoS attacks on government pages or news sites for hours or even days to block visitors for social or political reasons.
  • DDoS attacks are sometimes used as a 'smoke screen' to distract IT teams from secondary malware attacks installed during network downtime.
  • In October 2016, a DDoS attack struck DNS provider Dyn causing blackout for dozens of the United States' most popular sites including Amazon, CNN, Netflix and Twitter.

These scenarios are admittedly scary, but even more frightening is the fact that almost a fifth of companies have no DDoS protection at all! Why is this?

According to research conducted by Kaspersky Lab, 30 percent of businesses fail to take action because they believe they are unlikely to be targeted by DDoS attacks; but "the reality is that any company can be targeted because such attacks are easy for cybercriminals to launch."

In a press release, Kaspersky Lab employee Kirill Ilganaev said: "DDoS is extremely disruptive, and on the rise. When hackers launch a DDoS attack, the damage can be devastating for the business that's being targeted because it disables a company's online presence. As a result business workflow comes to a halt, mission-critical processes cannot be completed and reputations can be ruined. Online services and IT infrastructure are just too important to leave unguarded."

We couldn't agree more. So how do you stop a DDoS attack from crippling your network?

Detection Services: Some companies employ an agency, software or service to identify all incoming traffic and scan it for anomalies. If the traffic is deemed harmful it is blocked before it can impact your network. This solution could lead to slightly longer load times, but is ideal for organizations beset by DDoS attackers.

Sinkholing: Sinkholing detects and redirects malicious traffic to a digital black hole in the network where it can do no harm.

Stress Testing: DDoS originally started as a testing application to determine the resilience of a network under high traffic. While these technologies have been modified for misuse, legitimate stress testing can help you assess the strength of your network and help you determine if upgrades are necessary.

Preventing Recruitment: DDoS attacks are made possible by infected devices or 'bots'. If you want to thwart recruitment of your own devices, be sure to update your software, change default passwords on your devices and avoid malware downloads.

Cyberattack Insurance: If you are victimized by a DDoS attack, you could face thousands of lost dollars due to business downtime. Thankfully, cyberattack insurance can assist you with the financial damages.

Learn more by visiting CyberPolicy today!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375