Distributed denial of service (DDoS) attacks, where multiple compromised systems are used to target and overload another system, have been a problem for years and have become a favorite tactic of hacktivist groups. The effects of such attacks can be devastating.
In a report commissioned by VeriSign, “Distributed Denial of Service: Finally Getting the Attention It Deserves,” more than half (53 percent) of all respondents said they experienced Web infrastructure downtime in the past year, with DDoS attacks accounting for one-third (33 percent) of all downtime incidents.
Nearly two-thirds (63 percent) of all respondents who reported experiencing a DDoS attack in the past year said they sustained more than one attack. Eleven percent said their businesses were hit six or more times. Of those who reported experiencing a DDoS attack in the last 12 months, 46 percent said their sites were down for five or more hours, with almost a quarter (23 percent) saying their sites were down for more than 12 hours.
Companies can take a number of steps to protect against DDoS attacks and to monitor for exploits should those protections be breached. These include working with outside service providers to minimize the potential impact of a DDoS attack. When working with outside providers, it’s important to be able to clearly articulate your own organization’s DDoS protections, because they may influence what an outside provider can and should do, and how the provider can do it.
The resources at the most risk of DDoS attacks are those hosted at your data center. If you use an outside data center provider, it typically owns the hardware, cabling, infrastructure and so on. It also is responsible for planning for disaster recovery and an expansion in utilization, but data centers often do not have bandwidth or hardware capabilities to weather a major DDoS attack.
This, in itself, isn’t all that unusual. We can’t always be standing by, waiting on a DDoS attack, right? Well, no, but we—and providers—can make intelligent architecture decisions that better equip systems to handle such a situation.
It's very important to find out from your data center provider what protections it has in place to specifically guard against DDoS attacks, as well as what protections it has that may not be designed as DDoS safeguards but that might provide tangential protections. The use of server virtualization, for example, may give providers enough flexibility to throw massive amounts of resources at a service that’s struggling in the wake of a DDoS attack. Other capabilities that can be counted on to prevent or mitigate a DDoS attack include load-balancing clusters and hot-swappable hardware.
With that said, these safeguards may or may not be enough to prevent your organization itself from feeling the effects of a DDoS attack. It is therefore important to shore up your service providers’ protections with locally implemented safeguards, such as high availability, proxy farms and basic firewalls.
To find out more about the services and features that your provider can deliver against the threat of DDoS attacks -- and how you can use them strategically as part of an incident response plan -- download the free report on using service providers to mitigate DDoS threats.
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.