If You Haven’t Already Been DDoS’ed, Assume You Will Be
It’s no secret these days that cyber threats are rampant and varied. Ransomware, malware and distributed denial of service (DDoS) attacks are not frequently mentioned in the mainstream press, but they are everyday news in technology and finance trade publications. Cyberattacks are an everyday occurrence for some companies, a rare occurrence for others. Some companies are keenly aware of attacks on their networks, but other companies are not. Even in some companies that have dedicated IT security staff and systems in place, major security breaches have occurred. It can take months or even years for an organization to realize that it has been breached.
Yes, a DDoS Attack Could Happen to You
Some professionals may be in a state of denial, psychologically; i.e., they believe that “no one would try to hack our site because we’re not high-profile, or we have nothing that a hacker would want.” To make such an assumption is definitely a big mistake, and could cost your company a lot of time and money. The vast majority of organization networks include data that is valuable to someone, somewhere. Besides credit card numbers and email addresses, sensitive data may include medical records or social security numbers.
Hackers’ Money Motivation: DDoS Extortion & Ransomware
The market price for stolen sensitive data has been decreasing, but data is still priceless to its owners, so hackers are increasingly committing cyber extortion to extract money from victims. The message they convey is basically, “Pay the ransom or I’ll steal and expose your sensitive data.” Alternatively, hackers sometimes threaten to launch a DDoS attack unless a ransom is paid. Or, they actually launch a DDoS attack and promise to stop the attack if the ransom is paid. (Would you trust the promise of a cybercriminal?)
What does Extortion Have to do with DDoS attacks?
A DDoS attack is not a security breach. But recently there are reports of multi-layered cyber-attacks that combine ransomware and DDoS attacks. The hacker method is to use DDoS to take down the first layer of defense, such as a firewall or intrusion prevention system (IPS), and then map the floor plan of their target's environment, and determine any weak points and vulnerabilities that can later be exploited through other methods, such as ransomware. How do they do that without getting noticed, you may ask? Via small, sub-saturating attacks that cause temporary, minor network outages to mask a more nefarious malware infiltration or data theft.
DDoS Attacks Big or Small
It’s interesting that DDoS attacks are getting larger in volume; we have entered a new era, with terabit-sized DDoS attacks like the one on Dyn and Krebs Security are becoming common. Yet the smaller, hard-to-detect DDoS attacks are much more common and can be just as—if not more—damaging. The fact is, enterprises nowadays must worry about all types and sizes of DDoS attacks. Companies have to assume that they will most likely experience a DDoS attack (if they haven’t already!)
What Should Enterprises Do?
Defense is essential but, admittedly, not every enterprise can afford DDoS mitigation solutions. Fortunately, more and more service and hosting providers are rolling out DDoS protection as a service (DDPaaS), which makes DDoS protection more affordable for organizations of all sizes. So, ask your Internet service provider whether they offer DDoS protection as a service; thanks to Corero’s DDPaaS enabling technology.