Distributed Denial of Service (DDoS) attacks are getting more and more vicious each day, hurting business targets both financially and reputationally. These attacks work by overloading a web server with requests and causing hours, even days, of downtime and inevitable frustration.
As technology evolves, says Seth Robinson, CompTIA senior director, technology analysis, so do DDoS tactics. Therefore, they are more sophisticated and harder to mitigate today than ever before. That said, there are a few steps IT pros can take to make their online business less prone to these attacks.
CompTIA has built a comprehensive DDoS Guide that dives into all the details behind this newer type of cybersecurity attack. But for now, here are some quick tips on mitigating the risk and averting a potential disaster.
DDoS attack prevention tactics
Obviously, there is no single all-encompassing solution that ensures full protection from DDoS attacks. Still, by taking the following measures, an organisation will significantly reduce the risk of a DDoS attack taking place and the impact if an attack should occur.
1. Upgrading your network security infrastructure
First of all, since any loophole can be exploited by cunning hackers, a business should make sure loopholes are closed. In other words, IT pros should examine their existing security system and keep it up to date at all times. That includes the firewall, anti-malware and anti-virus software, and anti-spam and anti-phishing tools.
Part of the security system is the underlying infrastructure. If your network infrastructure is basic and weak, it’s high time to upgrade it. A first step is to increase bandwidth. Doing this gives networks and servers the ability to handle sudden spikes in traffic, much like those that DDoS attacks cause.
In addition, a multi-layer security solution is a must. This means avoiding centralisation of the data centre and placing infrastructure components in different locations. That way, if one area comes under attack, others can handle the regular traffic without any interruptions.
2. Adopting better network security practices
Beyond the nuts and bolts of infrastructure, hackers can take advantage of any oversights in your security practices, which is why they need to be foolproof. For example, many IoT devices still come with weak default passwords and overall weak protection. This makes them easy targets for hackers looking to expand their botnets, especially since their numbers are rapidly rising. To prevent slip-ups, IT pros should implement multi-factor authentication methods and change all passwords every once in a while.
In addition, compartmentalisation and access controls are best practices, especially if a business has many employees and a high turnover rate. Not everyone needs to have access to your most valuable resources and information, and restricting access can keep DDoS attackers from easily targeting these components.
3. Switching to cloud systems
Over the past year, companies have been migrating to cloud systems to build more flexibility and resiliency in their IT operations. There are security benefits, as off-premises cloud-based solutions typically have up-to-date patching and follow industry best practices to be secure.
From a DDoS perspective, cloud systems take decentralisation to the next level. Companies can consider either a multi-cloud approach with different cloud providers or a hybrid solution that uses both off-premises and on-premises systems for the most flexible DDoS protection.
4. Regular network monitoring
Another important way to protect servers from DDoS attacks is by monitoring network traffic. Luckily, there are many helpful tools out there that provide network monitoring. Tools such as Datadog Network Monitoring or Paessler PRTG Network Monitor will monitor traffic and send an alert when a spike in requests occurs.
Furthermore, it’s important to understand typical DDoS warning signs to ensure fast detection and response. Common symptoms include unusual traffic behaviour, network slowdowns, inability to access webpages and an abundance of spam emails.
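To make the spike alert described above concrete, here is an added example (not from the original article and not how Datadog or PRTG implement it) that buckets access-log lines per minute and flags minutes far above a rolling median baseline. The function names, the log lines and the tuning values (window, k, floor) are constructed assumptions.

```python
import re
from collections import Counter, deque
from statistics import median

# Minute bucket from a Common Log Format timestamp: [10/Mar/2024:12:08:05 +0000]
TS_RE = re.compile(r"\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}):\d{2} ")

def requests_per_minute(lines):
    """Return [(minute, count)] in log order; assumes a chronological log."""
    counts = Counter()
    for line in lines:
        m = TS_RE.search(line)
        if m:
            counts[m.group(1)] += 1
    return list(counts.items())

def detect_spikes(series, window=5, k=6.0, floor=20):
    """Flag minutes whose count exceeds median + k*MAD of the trailing window.

    window, k and floor are assumed tuning values, not vendor defaults.
    """
    baseline = deque(maxlen=window)
    alerts = []
    for minute, count in series:
        if len(baseline) == window:
            med = median(baseline)
            mad = median(abs(c - med) for c in baseline) or 1.0
            threshold = max(med + k * mad, floor)
            if count > threshold:
                alerts.append((minute, count, threshold))
                continue  # keep flood minutes out of the baseline
        baseline.append(count)
    return alerts

def make_sample_log():
    """Constructed sample: 8 quiet minutes followed by a 3-minute flood."""
    per_minute = [9, 11, 10, 12, 10, 11, 9, 10, 240, 310, 280]
    lines = []
    for i, n in enumerate(per_minute):
        for s in range(n):
            ip = f"198.51.100.{s % 250 + 1}"  # documentation address range
            ts = f"10/Mar/2024:12:{i:02d}:{s % 60:02d} +0000"
            lines.append(f'{ip} - - [{ts}] "GET / HTTP/1.1" 200 512')
    return lines

if __name__ == "__main__":
    for minute, count, threshold in detect_spikes(requests_per_minute(make_sample_log())):
        print(f"ALERT {minute}: {count} requests (threshold {threshold})")
```

Flagged minutes are excluded from the baseline, so a flood that lasts several minutes keeps alerting instead of being absorbed as the new normal.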
5. Developing an effective response plan
Even if you implement all the security solutions outlined above, slip-ups can happen. If a DDoS attack actually hits a server, the best weapon against it is an effective DDoS mitigation plan.
Companies should form a DDoS response team that is technically competent to quickly execute a recovery plan. This team should build multiple strategies for identification and mitigation along with exact guidelines that staff must follow. Different strategies may be needed depending on the critical nature of different servers that could be attacked. A thorough recovery plan with multiple fail-over options can keep a business up and running during a DDoS attack.
Unfortunately, DDoS attacks are becoming more prominent every day, and they show no signs of slowing down. Apart from becoming more sophisticated and more destructive, these attacks can now be easily executed, even by a hacker with a relatively low level of technical knowledge.
Proper protection from DDoS attacks is a must for businesses operating in the digital economy. By building a modern infrastructure, creating a solid security strategy and developing disaster recovery scenarios, organisations can insulate themselves from the worst damage that DDoS can cause.
The author is Seth Robinson, senior director, technology analysis, CompTIA.
About the author
Seth analyses technology trends in the IT industry and provides insight into trend drivers and future direction. He has led research studies on IT security, cloud computing, IoT and mobility, among other areas.