Enterprises need to consider that even if they have protection against distributed denial of service (DDoS) attacks, their business could be taken offline if their Internet Service Provider (ISP), hosting provider or Domain Name Service (DNS) provider does not have adequate DDoS protection. ISPs and hosting providers are attractive DDoS targets for hackers, because the impacts are far-ranging; think of it in terms of hitting several birds with one stone. That’s why it’s crucial to do your research when it comes to choosing your providers.
Direct vs. Indirect Hits
Hackers sometimes target a hosting provider or ISP directly, as was the case a couple of weeks ago in late August, when DreamHost was directly hit by a DDoS attack, resulting in several hours of downtime for its customers. Another example of a direct hit was in October 2016, when the Domain Name Service provider Dyn suffered a mega DDoS attack. Both incidents show that an attack on an Internet gateway can spell trouble for any of its customers downstream; and there are many more such examples. The volumetric attacks make headlines and raise eyebrows, however, many providers experience several low-threshold DDoS attacks each day. Even if hackers launch a low-threshold attack on a provider, it can result in network “noise” and degraded service for downstream customers.
Even an indirect hit; i.e., an attack on one of a hosting provider’s enterprise customers, can cause collateral damage to other customers using the service. If a hacker succeeds in launching a several-hundred-gigabit DDoS attack to take a website offline, it will almost certainly affect customers who co-reside or are reliant on the infrastructure transporting the attack; that’s collateral damage.
As part of their service level agreements (SLAs), many hosting providers offer 99.9% (or even 99.999%) uptime. However, even 1% downtime can dramatically affect a business. In the event of downtime, some providers offer a compensation, such as a credit to the customer’s account, usually a percentage of the monthly fee. However, that credit might not outweigh the downtime cost to the tenant; if a business website is down, that usually means that clients or customers can’t find the business online or access its products/services. This usually results in loss of revenue, and damage to brand/reputation.
Be aware that not all ISPs and hosting providers are equal when it comes to DDoS protection. When shopping for a 3rd party ISP or hosting service, ask the right questions. Ask if they have a dedicated, in-line automated DDoS mitigation appliance at the peering and transit points that blocks all DDoS traffic from entering their network. Corero technology enables real-time, algorithmic identification of network anomalies and subsequent mitigation of the attack traffic, eliminating the DDoS attacks before they can traverse the network and impact downstream customers. Also ask whether they offer DDoS Protection Services (increasingly, many of them do offer this service, either as a value-added service or for a premium.)
For more information, contact us.