Denied! Why it’s time to address the real risk of DDoS attacks
14 September 2016 | 0
The risk of distributed denial of service (DDoS) attacks to the average organisation is higher than it has ever been. Until relatively recently, DDoS attacks were the definition of ‘black swan’ events: uncommon, unexpected, and with unpredictable results.
In the early days as cybersecurity made its way to the mainstream, these attacks made headlines. Government web sites, news outlets or gambling services made for high-profile targets. Since then, many more organisations are falling into the net as cybercriminals gained easy access to the tools needed to launch attacks. A recent report from Arbor Networks found that the scale and frequency of DDoS has grown dramatically compared to 2015.
This is not just an international problem. Agile Networks surveyed a broad base of large public and private sector customers, along with and mid-sized domestic technology companies. Almost every other organisation we polled (46%) said they suffered a DDoS attack in the past 12 months.
So, we have established that the risk is far greater than before, and you might expect that the same number that were attacked have taken steps to fix the problem by investing more money to mitigate against a repeat. Yet our survey found only 30% are allocating more budget specifically to tackle DDoS.
“The risk of DDoS is now so great that organisations need to identify weak points in their systems, analyse the likelihood of an attack, how it would affect their operations, and decide how they want to mitigate it”
The reason many people don’t allocate budget to preventing or managing DDoS seems to be because they think it is someone else’s responsibility to solve this problem. In our survey, we asked whether organisations should build their own DDoS protection or rely on the service provider: 29% believe service providers should take responsibility, and 67% said it should be both. Only four per cent said they would build their own.
Some organisations find it hard to measure risk because they think of IT systems as invisible or intangible. So, let us consider the problem using a real-world comparison. It is as if every second office premises has been broken into during the past year, but a significant number of victims still have not upgraded their alarm systems. If you were in a retail park and half your fellow tenants had been broken into, you wouldn’t be slow about employing a security guard or taking the appropriate steps to protect your premises. The survey suggests many companies think some or all of the burden should fall to the business park’s management company.
The risk of DDoS is now so great that organisations need to identify weak points in their systems, analyse the likelihood of an attack, how it would affect their operations, and decide how they want to mitigate it. Is the risk of downtime minimal enough to outsource the problem entirely to a service provider that can give various options, or would business disruption be sufficient to take some precautions by investing in more internal security?
Agile Networks can help because we work directly with both enterprises and service providers and know where potential gaps exist. Additionally, we also partner with many of the leading vendors including Cisco, Palo Alto Networks, F5, and Juniper so we can customise an approach that best suits an organisation’s legacy investments and acceptable level of risk.
Darragh Richardson, managing director, Agile Networks