Considered an old school risk by many IT Security experts, DDoS or Distributed Denial of Service has hit the headlines again in recent years. This old nemesis has regained popularity by cyber criminals cashing in on enterprise-level computer systems with inadequate support provision. This article will explore key dynamics surrounding the attack, the real financial cost and the aspects of DDoS the tech industry is talking about. I will also look at what companies need to do better help protect their digital assets and revenues from such attacks.
The definition of a Distributed Denial of Service, or DDoS Attack, is according to Cisco Research an:
“Attempt to exhaust the victim’s resources. These resources can be network bandwidth, computing power, or operating system data structures. To launch a DDoS attack, malicious users first build a network of computers that they will use to produce the volume of traffic needed to deny services to computer users. To create this attack network, attackers discover vulnerable sites or hosts on the network. Vulnerable hosts are usually those that are either running no antivirus software or out-of-date antivirus software, or those that have not been properly patched. Vulnerable hosts are then exploited by attackers who use their vulnerability to gain access to these hosts. The next step for the intruder is to install new programs (known as attack tools) on the compromised hosts of the attack network. The hosts that are running these attack tools are known as zombies, and they can carry out any attack under the control of the attacker. Many zombies together form what we call an army.”
There is a large body of tech research conducted into this very awful criminal behaviour. In 2004, Mirkovic and Reiher argued that DDoS is a “rapidly growing problem in the IT world.” Furthermore, Ioannidis and Bellovin (2002) argued that DDoS attacks required real-world re-thinking for senior IT directors and managers within enterprise-level computer-reliant organisations. Gupta, Verma and Kaul argue that hierarchical architecture – the function of mitigating DDoS attacks – requires a fundamental re-balancing of technology thinking at enterprise-level domains.
Such an attack has incredible legacy contexts that need better comprehension in order to pre-empt such future attacks. Large organisations need to work with security partners, like Computrad, to help identify threats and resolve problems before such problems can affect real-time systems. However, it should be noted that DDoS attacks have resulted in a massive revenue losses for companies throughout the world. Disruptions to revenue, according to Deloitte, have resulted in Amazon, PayPal, eBay, Net-A-Porter, Boo.com and Play.com in the UK losing approximately 2 to 3% of daily revenues due to such attacks. However, in recent years more focus has been targeted upon e-gaming platforms. These platforms have been attacked by DDoS in order to disrupt revenue streams, and in rare occasions this has successfully happened.
In order to better protect e-gaming and digital platforms, technology innovators, such as Computrad have released attack management and dedicated hardware systems that can help mitigate such activities. Organisations, with digital revenue platforms, need to work with managed DDoS service providers who can help. Computrad offer a bespoke Managed DDoS Mitigation Service that “recognises malicious traffic and prevents it from gaining access to your services without preventing any legitimate request.” Let’s look at why such services are important to your digital revenue systems.
Digital Research Consultancy, Bloor Research, reports that “there was a 36% increase in targeted attacks seen by its survey respondents in 2013. One type of targeted attack that has seen a particular resurgence recently is the distributed denial of service (DDoS) attack.” Furthermore, Cisco Security Research Labs argue “DDoS attacks should be a top security concern for organisations in the public and private sector in 2014.” Cisco, in their 2014 Annual Security Report, argues “because DDoS attacks had long been considered ‘old news’ in terms of cybercrime techniques, many enterprises were confident in security measures they had in place could provide adequate protection. But that confidence has been shaken by large-scale DDoS attacks in 2012 and 2013 which include Operation Ababil, which was directed at seven financial institutions and was likely politically motivated.”
Employing a top-class IT security project management and support organisation is the first point-of-call for any organisation wanting to examine their DDoS vulnerabilities. Computrad can offer bespoke enterprise-level security advice and support that can help your business mitigate the consequences of DDoS attacks and help you improve your digital security.