6 Ways to Protect Your Organization from DDoS Attacks
A distributed denial-of-service (DDoS) attack is when a malicious entity uses multiple systems to generate false traffic for the victim’s web server or website, flooding the bandwidth and making the site unavailable for the legitimate users. A favorite method for these attackers is using a botnet, or a network of private computers infected with malware.
A DDoS attack can cost an average of more than $2.5 million in revenue for an organization. But there are more than just financial consequences.
During a DDoS attack, no one can use the application, which will result in loss of business. Due to unavailability of the service, the company also might fail to meet its service-level agreement (SLA) with the customers. Brand reputation also tumbles if customers can't access your site or become casualties of the data breaches.
However, there are some proven practices for preventing DDoS attacks.
Continuously monitoring and scanning for vulnerability and following proper remediation actions is a given, as is installing and maintaining anti-virus software and security patches. Segmenting networks according to the requirement and applying appropriate security controls to control access to network segments are also good ideas. For increased security, you also can disable Universal Plug and Play (UPnP) on routers unless absolutely necessary.
If you experience a breach, identify the source of the attacks and block it with information stored in the router's packet source. Filter all RFC 1918 addresses, or private IP addresses, by using the access control lists, and monitor TCP port 23 for attempts to gain unauthorized control over the devices using the network terminal (Telnet) protocol.
Here are six specific tips for preventing DDoS attacks and for what to do if you fall victim to one:
1. Perform a DDoS risk assessment: If you run your own servers, then you need to be able to identify when you are under attack.
2. Overprovision bandwidth: It is generally good to have more bandwidth for your web server than you think. Even if you excess by 100 percent or 500 percent, it won't stop a DDoS attack, but it may give you some breathing time to act before your resources are dazed.
3. Set up defense for the network attack surface: There are a few technical measures like adding filters to tell your router to drop packets from the attacker or rate limit the router to prevent the web server from being overwhelmed. These measures will partially mitigate the effect of an attack, especially in the first few minutes.
4. Consult your ISP or hosting provider: If you suspect a DDoS attack, call your ISP or hosting provider, inform them about the attack, and ask for help.
5. Consult a DDoS specialist: For very large attacks, the best chance of staying online is to use a specialist DDoS mitigation company. These companies will have large-scale infrastructure and technologies to keep your website running.
6. Create a DDoS playbook: Creating a playbook and documenting details of planned responses to an attack is the best way to protect your organization.