Distributed Denial of Service (DDoS) attacks are one of the most disruptive cyberattacks and can be incredibly difficult to stop. These attacks are often carried out using a network of Internet-connected machines that flood your network with traffic to the point that your network becomes overwhelmed and services either slow to a crawl or stop entirely.

The goal of the DDoS attack is to weaken your network or render it incapacitated so that a subsequent malicious attack may occur. Unfortunately, the connected nature of our business environments lends itself to increased exposure for DDoS attacks; but that doesn’t mean you need to sit back and wait for it to happen.

PREVALENCE OF DDOS ATTACKS IN 2020

According to a recent report released by Cloudfare, the majority of DDoS attacks in Q4 2020 lasted less than an hour, which is a significant decrease (88%) from Q3. However, the report went on to highlight that SYN (i.e., “half-open” attacks that target network connections), SYN-ACK (i.e. final acknowledgement/response), and RST (i.e., Ransomware Stress Test) continue to be the most dominant attacks, and those over NetBIOS saw a mind-blowing 5400% increase.

According to experts, “By repeatedly sending initial connection request packets with a synchronize flag (SYN), the attacker attempts to overwhelm the router’s connection table that tracks the state of TCP connections. The router replies with a packet that contains a synchronized acknowledgement flag (SYN-ACK), allocates a certain amount of memory for each given connection and falsely waits for the client to respond with a final acknowledgement (ACK). Given a sufficient number of SYNs that occupy the router’s memory, the router is unable to allocate further memory for legitimate clients causing a denial of service.”

9 TIPS FOR PROTECTING YOUR BUSINESS FROM DDOS ATTACKS

Preparation is the key to protecting your business in virtually every instance. When it comes to DDoS, here are a few tips you should keep in mind:

1. Ensure your website and other external sites are protected behind a firewall. “If configured correctly, [firewalls] can deflect bogus traffic by analyzing it as potentially dangerous and blocking it before it arrives.”
2. Ensure all software and security applications are patched with the latest updates.
3. Leverage a load balancer for operational content.
4. Monitor site activity to detect any abnormal spikes in traffic.
5. Set up alerts to notify key personnel of abnormal traffic or activity on your network.
6. Check for vulnerabilities in your network environment.
7. Ensure you have a trained cybersecurity expert on staff or a trusted cybersecurity advisor to not only help you create a sound risk mitigation plan but assist in the event of an active DDoS attack.
8. Use an IP stressor to help test bandwidth capacity.
9. Establish a DDoS response plan. Understand that the DDoS event may only be phase one of the cybercriminals plan to infiltrate your system, it’s important to include this response with your overall cybersecurity threat response plan.

DDoS attacks are not only disruptive, they can cost your business both time and money. It is virtually impossible to completely eliminate your DDoS risk exposure. However, Security Pursuit has a team of experts who are well versed in the preventive measures you can deploy to greatly mitigate your risk and ensure your business has an appropriate plan in place should a malicious event occur.