DDoS attacks are emerging as the biggest security threat for businesses and can cost banks up to $100,000 per hour
Indusface, a leading provider of application security solutions for web and mobile applications, suggests some useful tips that can help mitigate the risk of a Distributed Denial of Service (DDoS) attack. As the number of application layer attacks continues to increase, there is a pressing need for chief security professionals to not only detect but also proactively prepare for such attacks.
Mr Venkatesh Sundar, CTO at Indusface explains, “A distributed denial of service is an attack where multiple compromised or hired systems are used to target a single system, but the intensity or the threat of the attack may have repercussions so severe that it might tarnish a brand beyond repair.”
Industry research on DDoS attacks shows that more than 60% companies do not have dedicated mitigation tools to deal with such threats. DDoS attacks can eat huge chunks of the bandwidth, processing speed, and memory to slow down or disrupt services. According to recent findings by the international internet analytic company Neustar:
- DDoS attacks cost banks up to $100,000 per hour
- 20% of such attacks last for days and even months
- 87% of the attacked companies were hit more than once
- Attacks within bandwidth of 1-5 GB have increased by 150%
- Companies need around 10 employees to mitigate DDoS
DDoS attacks can last from days to months depending on the negotiations. In fact, these attacks are easy to execute and don’t cost much for the hacker.
“Anyone can purchase a custom-coded DDoS module and launch it on any desired web application. In fact, a basic DDoS attack will not cost more than a few hundred dollars. The motives may range from severe competition to politics, terrorism, war diversion techniques cloaking some other hacking attempt and so on,” adds Mr Sundar.
Here are some quick tips to proactively mitigate DDoS attacks
What techniques are used to mitigate app DDoS attacks?
Depending on the kind of attack, there are several techniques that can be employed to prevent the outage. However, a very large part of preventing DDoS is monitoring the traffic continuously and consistently. This way, companies get proactive actionable data on attack and can formulate better
prevention policies before it gets severe. And that’s exactly why automated tools can never provide benefits that an expert-backed tool can.
How does web application firewall helps prevent app DDoS?
Web application firewall filters Layer 7 traffic directly and feeds data directly to security experts who can recognize malicious chunks of traffic trying to bring your services down. After which they apply rules and policies to block such attacks based on bot signatures, malicious IPs, bandwidth stealing, and so on.
Can you do it on your own?
If you are up for hiring and training security professionals with Layer 7 experience, mitigating DDoS in-house is possible. However, with huge costs and diversion from core business activity, most global players seek to outsource complete AppSec including DDoS mitigation to people who can monitor traffic 24 × 7 and take immediate countermeasures.
Is there an absolute security solution?
When it comes to DDoS security, there is no silver bullet technology that can solve every problem. With multiple attack vectors, on-going attack techniques, and zero-day vulnerabilities, automated technology alone is bound to fail. It cannot protect against all threats while also ensuring legitimate traffic doesn’t suffer. That is where the human experience and decision-making skills come in. Continuous expert monitoring with actionable insights is the most lethal combination of DDoS security that can prepare organizations with a proactive defense strategy.