The cost of unplanned downtime is rising. According to the Ponemon Institute’s 2016 report, the average cost of data center outages increased 7% since their last study, from $690,204 in 2013 to $740,357 in 2016. The cost of downtime has increased 38% since the first study in 2010.
The study identified the top four causes of downtime as:
UPS system failure (25%)
Human error (24%)
Distributed Denial of Service (DDoS) (22%)
Water, heat, or air conditioning failure (11%)
My colleague Todd Currie recently posted about how to mitigate these risks. Today, I want to drill down a bit more on DDoS for those of you who have a stake in securing your organization’s IT infrastructure but may not be security experts yourselves.
What is a DDoS Attack?
Many of you have heard the term DDoS, but for those of you unfamiliar, here’s a quick explanation. A Distributed Denial of Service attack is a type of cyberattack that cripples or disables an organization’s web-based IT infrastructure by overwhelming it with traffic from multiple compromised sources. A few new DDoS-related acronyms have entered the IT lexicon recently as well, such as:
PDoS (Permanent Denial of Service) – These types of attacks hit your infrastructure in such a way that some of it is permanently physically damaged and needs to be replaced. Yes, sometimes those 1’s and 0’s can have the force of a sledgehammer.
APDoS (Advanced Persistent Denial of Service) – A variation on the traditional DDoS attack we’ve come to know and love, APDoS attacks are far more nefarious. They’re multi-layered, automated, and intelligent enough to evade most traditional means of detection.
As threatening as those acronyms sound, some more basic DDoS trends are even more alarming. If you’re involved in reviewing and approving your organization’s cybersecurity strategy, you need to know about these.
#1 DDoS as a Diversion: DDoS attacks are being used to distract your security staff. While everyone is busy trying to bring your website back online, they aren’t watching your networks. This leaves you wide open to other types of cyber assault.
#2 DDoS and Ransomware Team Up: In this scenario, attackers use DDoS to disable your systems, promising to free them up once a ransom is paid. You might think attackers would target big businesses with deep pockets, but small and mid-sized businesses are not immune. The average ransom demand in 2016 was a mere $679. Hackers know that if they charge minor amounts, many businesses will take the “easy” way out and pay up instead of reporting the attack.
Unfortunately, paying the ransom will only encourage more of these attacks in the future, and there are no guarantees the hackers will call off the attack. According to the FBI, ransomware payments rose precipitously, from just $24 million in 2015 to $1 billion in 2016.
#3 Attack of the Botnets: While the Industrial Internet of Things (IIoT) and Big Data hold great promise for business, cybersecurity experts are also sounding alarm bells. Threat actors have discovered they can slip malware into connected devices, from nanny cams to smart watches, turning them into an army of “bots” they can use to execute denial of service attacks.
Think this sounds like a science fiction movie plot? It has already happened. In October 2016, hackers used tens of millions of unsecured, connected devices to target a widely used DNS provider in an attempt to “bring down the internet.” In reality, the attack affected roughly 1,200 websites, but among them were Twitter and Netflix. This attack hit home for many of us, as it directly impacted big, mainstream sites that many assumed were impervious to such outages. Furthermore, Gartner estimates that more than 1 million net-enabled devices will be purchased every hour by 2021, virtually ensuring that these bot-based armies will continue to advance.
#4 DDoS for Hire: This one may be the scariest of all. If you don’t have hacking skills yourself, you can now buy DDoS as a Service for as little as $20 to $30 a month. It’s a felony, but that doesn’t deter everyone. In a recent interview with investigative reporter and cybersecurity guru Brian Krebs, Allison Nixon, director of security research at business risk intelligence firm Flashpoint, had this to say:
“The problem is that this kind of firepower is available to literally anyone willing to pay $30 a month. Basically what this means is that you must have DDoS protection to participate on the Internet. Otherwise, any angry young teenager is going to be able to take you offline in a heartbeat. It’s sad, but these attack services mean that DDoS protection has become the price of admission for running a Web site these days.”
Don’t Be a DDoS Attack Victim
DDoS attacks are such a destructive and pervasive threat that we’ve added an advanced Managed DDoS Defense offering to our portfolio of Managed Services. TierPoint Managed DDoS Defense service is an attack detection and mitigation solution designed to handle attacks at the network, server, and application layers. This includes protection against volumetric and non-volumetric attacks, SYN flood attacks, low and slow attacks, HTTP floods, SSL-based attacks, and more.
Brian Anderson is Director of Security Product Management at TierPoint where he is responsible for the care and upkeep of the Managed Security services portfolio. Brian brings 20+ years of experience leading product management and engineering teams focused on building and delivering advanced Cybersecurity, Risk, and Threat Intelligence services on a global scale. While he is currently based in suburban Philadelphia, he’s never far from the InfoSec frontlines.