It seems like we hear about large-scale DDoS attacks on the national news monthly these days; they are no longer merely mentioned on IT web forums. Hackers are targeting large enterprise networks for attention and for money. They are also going after small and medium businesses like yours because they suspect that smaller companies do not have a security infrastructure in place.
What is a DDoS attack?
DDoS stands for Distributed Denial of Service, a brute-force cyber-attack that uses a multitude of systems to attack a single target. This sudden flood of incoming queries (messages, login attempts, etc.) overwhelms a system to bog it down, potentially gain entry, and ultimately force it to shut down. Many times this large-scale attack comes from a vast collection of compromised machines that have been previously hacked. The owners do not even realize their machines are sending out spam, which slows down their network and can cause the ISP (Internet Service Provider) to shut down service temporarily.
Why should you care about DDoS attacks?
Simply put – $$$.
Hackers have found a way to profit from their successes, making cybersecurity more important now than ever before. Previously, hacking was more for fame and fun with limited consequences. Now, with the advent of Bitcoins, an online currency, hackers can make money for their efforts because Bitcoins allow them to get paid anonymously and they can hire other hackers to join them in large-scale DDoS attacks.
DDoS attacks are not just annoying. These attacks overwhelm, slow down, and potentially require you to shut down your network, meaning legitimate users (clients, employees, prospective customers) cannot access your data. In a way, we’re in a new era of corporate warfare where someone can hire hackers to disrupt a competitor’s product launch, peak season, or just their day-to-day operations. For large companies, the bad press alone is costly.
Don’t be under the illusion that this only happens to Fortune 500 companies. At My IT, we’ve seen firsthand that hackers have attacked a location with as few as 5 employees.
Some DDoS attacks are targeted at specific companies, but the majority of them are not, so they hit smaller companies often. Hackers use bots to “farm” the internet looking for open ports on networks. When they find one with an opening, they flood it with queries.
What Can You Do to Stop a DDoS Attack on Your Company?
Unfortunately, there isn’t much you can do to stop a DDoS attack once it targets your company. You can only mitigate it at that point, and you probably need to shut down your system. Fortunately, proactive prevention is the key to stopping a DDoS attack.
- Firewalls – Your first line of defense in preventing a DDoS attack is your firewall. A good IT firm will get it properly configured and make adjustments over time, because a firewall is not a “set it and forget it” appliance anymore.
- Email Filtering with ATD – DDoS attacks can start from a virus, which overloads your circuits from inside your own network. One of the most common methods to deploy a virus is through email attachments, and the infection usually starts when someone unwittingly opens an attachment. Email filtering can scan inbound emails for potential threats found in both attachments and links, and prevent that attachment from even entering your network. ATD stands for Advanced Threat Detection, meaning your system is notified of a virus within an hour of being found on the internet to better protect your network.
- Bandwidth Monitoring – Bandwidth monitoring will identify if you have an unusual spike in internet usage, both internally and externally. High-growth companies may max out their bandwidth a few times a day because they’re overloading the system (see Good Internet Speed), but for most companies this is a sign of an attack, which can start from within with an infected machine blasting outbound messages similar to an external DDoS attack.
- Good Anti-Virus Software – Don’t settle for free virus protection for your business because it offers no guarantees, updates, or support. A good IT firm will recommend a reputable provider and stand behind it. The key to virus protection is removing potential threats once detected.
- Regular Patch Updates – A simple way to “plug any holes” is to keep your operating systems and applications up-to-date because updates address potential security threats while adding new features. (Keep in mind that your workstations and servers need to stay relatively current as well because new software cannot run on 10-year-old machines running Windows XP. You can save money by being efficient in replacing your hardware, a practice known as Life Cycle Management.)
A good IT firm can help you with each of these aspects of preventing and minimizing the effects of a DDoS attack. (These preventative measures should be part of their best practices.)
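To make the Bandwidth Monitoring point concrete, here is an added example (not from the original article) that flags sustained spikes in per-minute throughput, separately for inbound and outbound traffic, while ignoring a brief peak of the kind a busy company hits a few times a day. The function names, the 10-sample baseline, the 4x threshold, the 3-minute minimum, and the sample data are all assumptions chosen for illustration.

```python
from statistics import median

def find_spikes(samples, window=10, factor=4.0, min_run=3):
    """Flag sustained throughput spikes per direction.

    samples: list of (minute, inbound_mbps, outbound_mbps) tuples.
    Returns a list of (direction, first_minute, last_minute, peak_mbps).
    """
    alerts = []

    def close_run(direction, run):
        # Report only runs long enough to rule out a brief, legitimate peak.
        if len(run) >= min_run:
            alerts.append((direction, run[0][0], run[-1][0],
                           max(v for _, v in run)))

    for direction, col in (("inbound", 1), ("outbound", 2)):
        baseline, run = [], []
        for row in samples:
            minute, value = row[0], row[col]
            if len(baseline) < window:
                baseline.append(value)          # learning phase, no alerts yet
                continue
            # The 1.0 Mbps floor keeps a near-idle link from alerting on noise.
            threshold = factor * max(median(baseline), 1.0)
            if value > threshold:
                run.append((minute, value))     # keep spikes out of the baseline
            else:
                close_run(direction, run)
                run = []
                baseline = (baseline + [value])[-window:]
        close_run(direction, run)               # spike still active at end of data
    return alerts

def constructed_samples():
    """Constructed data: 30 one-minute samples, not real measurements."""
    rows = []
    for m in range(30):
        inbound = 95.0 if m == 12 else 20.0 + (m % 3)            # 1-minute burst
        outbound = 70.0 + m if 18 <= m <= 23 else 5.0 + (m % 2)  # 6-minute flood
        rows.append((m, inbound, outbound))
    return rows

if __name__ == "__main__":
    for alert in find_spikes(constructed_samples()):
        print("%s spike, minutes %d-%d, peak %.0f Mbps" % alert)
```

On the constructed data the one-minute inbound burst is ignored and the six-minute outbound flood is reported, which is the pattern the article associates with an infected machine inside the network.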