Reduce Vulnerabilities & Defend Your Brand Against DDoS Attacks

Uploaded on 2022-12-21 in TECHNOLOGY--Resilience, FREE TO VIEW

Distributed denial-of-service (DDoS) attacks are on the rise and the repercussions can be detrimental to businesses. Gartner has estimated the cost of downtime from DDoS attacks to be $300,000 per hour and a successful application attack costs, on average, $4.42 million per incident.

Yet, beyond the financial impact - a customer’s trust in a brand is truly what’s at stake with these cyber attacks. In fact, 31% of consumers have discontinued their relationship with a company due to a security breach and a significant number of consumers have lost their trust in a brand as a result.  

DDoS attacks only seem to be growing. As recently as September 2022, the Japanese government was targeted by an organised cyber criminal group called Killnet. Killnet planned a sustained DDoS attack that eventually overcame the government’s cyber defenses. Yet, the Japanese government was protected by one of the most recognised names in web security. Then, earlier this month, on U.S. soil, Killnet perpetrated a DDoS attack targeting major airports, including Los Angeles International and Chicago O'Hare, among others.

The modus operandi of the Killnet attacks is to employ a variety of DDoS techniques, including combining application attacks with volumetric network attacks. It deploys these in waves of attack that also target a company’s origin.

As online attacks increase in size, frequency and sophistication, businesses need to seek holistic security solutions to help detect and streamline resolution. 

Attacks On The Rise

DDoS attacks are here to stay. In fact, according to the 2022 Verizon DBIR (Data Breach Investigations Report), the number one security threat is a DDoS attack (46% of attacks) - and it’s growing every year. The number one targets are web applications and servers (56% of attacks), with DBIR highlighting web apps that remain unpatched and legacy apps that are older than four years as being the most affected.

Where Do Vulnerabilities Lie?

Companies remain vulnerable because they don’t protect all of their network against DDoS attacks. As attacks target both the network and application layers, organisations must protect against several attack vectors.

According to the Verizon DBIR, the second leading breach pattern is a basic web application attack, so businesses will also benefit from a Website Application Firewall (WAF)  solution. Once you deploy a WAF, your defenses improve significantly. Research by Edgio has found that that businesses can detect and contain a breach 77 days faster, on average.

As network architectures have evolved, so have DDoS attacks, exposing websites and networks to vulnerabilities, including the critical applications and processes dependent on those networks.

One vital part of an IT network that needs protection - and gets overlooked - is your origin. The origin server is where the original web page is stored. One job of a content delivery network (CDN) is to store, or cache, copies of the web pages on its edge servers that are located a short distance from the web app user. Global edge servers enable businesses to deliver lightning-fast performance to website and app users. The CDN hides the origin IP address, but devious cyber criminals, like Killnet, find and attack this chink in the armour. Deploying robust application security and DDoS scrubbing solutions are recommended to protect and mitigate against direct-to-origin DDoS attacks. DDoS scrubbing identifies bad traffic and redirects it away from critical systems.

This combination of defenses provides businesses with a full spectrum, holistic cyber security strategy and means attacks never reach their infrastructure, applications, and internet-facing websites.

How To Defend Against DDoS Attacks

Even though the threat landscape continues to evolve, there are still several steps you can do to protect your business and brand from DDoS attacks. Organisations should adopt a scalable, holistic security platform and protect their network, applications and origin using an edge-based DDoS protection solution. Direct-to-origin attacks can be defended against using a DDoS scrubbing solution and a security operations centre can improve business security responsiveness. 

It’s impossible to eliminate the risk of attacks, but there are practical steps business leaders can implement to protect and secure their organisation, before it’s too late.

Paul McNamara is Senior Solutions Engineer at Edgio

You Might Also Read: 

You Should Prepare Your Organization For A DDoS Attack:

 

« Cyber Threats & Nuclear Fears
What Security Issues Do 5G Network Providers Need To Address? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

HackerOne

HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

CISPA Helmholtz Center for Information Security

CISPA Helmholtz Center for Information Security

The CISPA Helmholtz Center for Information Security is a German national Big Science Institution within the Helmholtz Association. Our research encompasses all aspects of Information Security.

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

Aversafe

Aversafe

Aversafe provides individuals, employers and certificate issuers around the world with a first line of defense against credential fraud.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Stone Forest IT (SFIT)

Stone Forest IT (SFIT)

Stone Forest IT specialises in providing advisory, implementation and managed services for IT infrastructure, IT security solutions, business applications (ERP and CRM) and business analytical tools.

BullWall

BullWall

BullWall is a digital innovator dedicated to fight cybercrime in its many forms. Our overarching purpose is to stop new and unknown strings of ransomware attacks in its tracks.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

TachTech

TachTech

TachTech is passionate about trust, security and privacy in the digital world. We create tailored security and compliance solutions to improve your business.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.