How to Protect Your Business From DDoS Attacks
As technology develops, new rules of the game take hold in the modern market: competition and the methods of fighting for customers are getting tougher. There has also been a rapid rise in ransomware that applies pressure through threats of DDoS attacks. This is not surprising, because today it is easy to disrupt the operation of any resource without large financial costs. Alexander Svadkovsky, CEO of is*hosting, explains how to protect your business from DDoS attacks.
Over the past few years, the market for such illegal services has expanded significantly. One need only look at the data from Cloudflare to see that the number of attacks steadily increased throughout 2020.
Website outages can cause serious material damage to the company, so it would be much wiser to resolve this issue before problems arise.
What are DDoS attacks?
DDoS stands for Distributed Denial of Service. It is a set of actions whose purpose is to cause damage by blocking the operation of the target system (a website or application). The essence of the process is that a huge number of fictitious requests are sent to the resource simultaneously; the server spends all its resources processing them and is no longer able to respond to “live” users.
DDoS is a subset of DoS attacks. The prefix “distributed” means that to achieve the effect, attackers use a whole network of devices controlled directly or infected with a virus. Such systems are called “botnets”.
Another (and the most common) form of DDoS is sending junk traffic to the server in copious amounts. This consumes the bandwidth of the channel. The server, for its part, is able to ignore such data, but ordinary users will still not be able to access the resource.
Why do DDoS attacks pose a threat to business?
DDoS attacks can be launched against any resource for various reasons. Here are some of them:
- Blocking the site during peak sales. Customers who fail to use the service on time are likely not to wait and turn to competitors with a similar request.
- Downgrading in search results. Search engines are very sensitive to the stability of the site. Long-term or frequent outages can cause them to perceive such a resource as unreliable and significantly reduce its position.
- Blackmail. Some attackers may demand money to stop DDoS attacks. However, a one-time payoff does not guarantee that such a situation will not happen again in the future.
- Revenge. It is trite, but the reason may be the personal dislike of a former employee with some knowledge of system administration. A small site is not difficult to disable, even with few resources at the attacker's disposal.
It is worth noting that over the past few years, extortionists have come to pose the greatest threat. Gartner research confirms this:
This chart indicates a significant increase in lower-traffic attacks that were most likely carried out by amateur attackers. There is even a special term for this: RDDoS, where the R stands for “ransom”.
More often than not, extortionists stage a small attack shortly before making their demands. On average, it lasts no more than an hour and serves as a demonstration of the attackers' capabilities. Following this, the site owner receives a letter demanding payment to avoid a larger attack in the future. At times, such threats can be pure bluff, but some attackers are capable of shutting down a site for the next few weeks.
To understand the scale of the losses incurred, it is enough to calculate the expected income based on the number of visitors per day and the average check size.
Thus, the site's losses are ten times higher than the cost of stopping its activity. Because of this, extortionists can count on the owner giving in to threats and paying up so as not to suffer even greater losses.
Another important nuance is that DDoS attacks can block access not only for clients, but even for administrators. This can happen if the CRM is hosted on the same server as the resource. In that case, not only is the channel for new orders blocked, but the work of the back office is paralyzed as well. Therefore, it is much more profitable to build a reliable security system at the very beginning than to deal with the dire consequences of a sudden failure along the way.
Which business should be most wary of DDoS attacks?
The victims of DDoS attacks are mainly media, online stores, company websites, and online game servers. However, no one is 100% safe. Seasonal businesses are often attacked. For example, in the spring there is an increased wave of attacks against the flower business. In the summer, competition among travel companies intensifies, the beginning of autumn marks the peak of the struggle for supremacy in the market for school goods, and in winter rivalry flares up among the organizers of New Year’s parties.
It would be naive to assume that DDoS attacks only threaten large companies. The number of attacks on medium and small businesses has increased significantly over the past few years. The cost of such services is low, starting from $50 per day. Moreover, for such an amount, it is quite possible to get a network of bots that can stop the work of a large online store.
To figure out whether DDoS attacks pose a risk to a business, it helps to understand the competitive environment in which it operates. Attacks most often occur precisely where there is not enough space on the market and the usual methods of competition (like advertising or discounts) are practically exhausted. It is necessary to analyze how large the losses from a business shutdown could be and compare them with the costs required to organize an attack. Any site whose services are in demand and profitable can face DDoS attacks on an ongoing basis.
How can you protect your business from DDoS attacks?
There are several ways to secure your business from DDoS attacks. Most of them require the company to have a qualified technology department that can implement them. Among the most effective approaches:
- Hide the real IP of the server using a WAF (Web Application Firewall). Services such as Cloudflare, Amazon CloudFront and others can help with this.
- Make sure that the server's IP address cannot be found using DNS records such as NS, MX, TXT, or SPF.
- Do not host mail or other services on the same server as the web server.
- Never initiate outgoing connections based on user actions, since such a connection reveals the server's real IP to its destination.
- Make sure that the server's DNS records are not stored in the history kept by third-party resources. This can be checked using services such as SecurityTrails or Shodan. If the IP address is already disclosed, it must be changed after the server is registered with Cloudflare.
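The DNS check from the list above, as an added example that is not from the original article: the script scans the publicly visible records of a zone for anything that still points at the origin server behind the WAF. The zone data, host names and addresses are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: the publicly visible records of a hypothetical zone
# whose web origin (203.0.113.10) is meant to stay hidden behind a WAF/CDN.
ORIGIN_IPS = {"203.0.113.10"}
ZONE = [
    ("example.test.", "A", "198.51.100.7"),            # CDN edge address
    ("example.test.", "MX", "10 mail.example.test."),
    ("mail.example.test.", "A", "203.0.113.10"),       # mail on the web server
    ("example.test.", "NS", "ns1.dns-host.test."),
    ("example.test.", "TXT", "v=spf1 ip4:203.0.113.0/28 include:_spf.mailer.test -all"),
    ("example.test.", "TXT", "site-verification=abc123"),
]

def spf_networks(txt):
    """Return the ip4:/ip6: networks listed in an SPF TXT value."""
    if not txt.lower().startswith("v=spf1"):
        return []
    nets = []
    for term in txt.split()[1:]:
        mech = term.lstrip("+-~?").lower()
        if mech.startswith(("ip4:", "ip6:")):
            nets.append(ipaddress.ip_network(mech[4:], strict=False))
    return nets

def find_origin_leaks(zone, origin_ips):
    """Return (name, type, reason) for each record that exposes an origin IP."""
    origins = {ipaddress.ip_address(ip) for ip in origin_ips}
    # Host names whose address records point straight at the origin.
    exposed = {name.lower() for name, rtype, value in zone
               if rtype in ("A", "AAAA") and ipaddress.ip_address(value) in origins}
    leaks = []
    for name, rtype, value in zone:
        if rtype in ("A", "AAAA"):
            if ipaddress.ip_address(value) in origins:
                leaks.append((name, rtype, "address record is the origin IP"))
        elif rtype in ("MX", "NS"):
            target = value.split()[-1].lower()  # MX values start with a priority
            if target in exposed:
                leaks.append((name, rtype, f"target {target} resolves to the origin"))
        elif rtype == "TXT":
            for net in spf_networks(value):
                if any(ip in net for ip in origins):
                    leaks.append((name, rtype, f"SPF range {net} contains the origin"))
    return leaks

if __name__ == "__main__":
    for leak in find_origin_leaks(ZONE, ORIGIN_IPS):
        print(" | ".join(leak))
```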
If the company does not have the opportunity to deal with all the intricacies of creating a reliable security system, the best solution would be to seek help from a hosting provider.
How can a hosting provider help avoid DDoS attacks?
The simplest and most effective solution to protect your business from DDoS attacks is to contact your hosting provider for help. Its services most often include all of the above measures to protect the site. Another argument in support of such a solution: the provider will be able to help set up many other Cloudflare tools that will be useful in further protecting the site. Among them are Bot Management, designed to stop malicious bots, Rate Limiting, which blocks suspicious visitors, and many others.
In addition to making it easier to work with security services such as Cloudflare, hosts can take certain steps to protect their own customers. For example, is*hosting has a special location in the Netherlands, where high-quality DDoS protection is configured, both for dedicated servers and for VPS. Clients exposed to major attacks may migrate there. Site protection is organized at the data center level and does not require traffic redirection to third-party scrubbing centers. This approach minimizes delays and does not affect the speed of the site.
DDoS attacks are a common method of unfair competition in the web services market. They pose a threat to large, medium, and small businesses in a wide variety of sectors, so almost any site can become a victim of a DDoS attack. You can protect yourself from failures on your own by hiring a team of technical specialists, or by contacting professionals from specialized companies for help. The simplest and most effective solution is to use the security services provided directly by the hosting provider.
Timely protection of the site from DDoS attacks will help save money and time that could be spent on restoring the resource after a failure caused by attackers at the most inopportune moment.