As malicious hackers get increasingly sophisticated, business owners are having to pay even closer attention to their cyber security strategy. If you own your own business, you should be thinking about how to protect against ever more frequent DDoS attacks and also considering plans for a cyber incident response. A DDoS (Distributed Denial of Service) attack is one in which a hacker floods a website with bogus traffic from various sources, causing services on that website to stop working for genuine users or even bringing the website down completely.
Digital and network forensics
Working with a service that can help you protect against DDoS attacks, as well as giving you comprehensive network forensics, is key for any business. Because there are many different sources of DDoS attack traffic, it cannot be prevented by blocking a single IP address, making it difficult to work out which is traffic from the attack and which traffic is genuine. Websites need more sophisticated protection and a complete cyber incident response plan, which carries out a full investigation into what happened, who may have been responsible and how to prevent it happening again.
Early detection
The key to protecting against DDoS attacks is to be prepared. Even if you own a small business with a minor online presence, your website will still attract attackers. If your website has traffic and a form of e-commerce, then it’s a potential target. Make sure you have a service in place to alert you to significant and sudden increases in traffic. You should also receive alerts about the availability of your server, which may be interrupted if you’re suffering an attack. Make sure you have an out-of-band solution for accessing the management of your website and IT systems. A DDoS attack could block your internal access, leaving you no way of managing your website.
Identify the attack’s unique characteristics
Make sure you employ a service that can work out the attack’s characteristics. Do a quick packet to work out common factors in the rogue traffic, be it URI, user agent or referrer. The service should find a pattern that allows your IT team to block that particular type of traffic. Make sure you’re familiar with your equipment’s capabilities and try some tests on it so you’re well prepared.
Get the right protection for you
There are companies who offer services to help you detect and prevent DDoS attacks in the ways outlined above, and it may well make financial sense to employ one of these as soon as possible. These services will simulate a real threat and test the durability of your website, servers and infrastructure. They will also check the effectiveness of your mitigation plan.
If an attack occurs, the digital and network forensics of these third party services will kick in, ensuring you have a comprehensive cyber incident response. By protecting your business against DDoS attacks, and ensuring you have the forensics in place to find out who was responsible, you will give yourself peace of mind against potentially damaging online threats.
Photo credit: GlobeSign