We often receive requests from organizations that have no defense for distributed denial of service (DDoS) attacks, and are under DDoS attack. They need a solution, ASAP, but unfortunately, it can take hours to contract with any DDoS mitigation provider. You can call your Internet Service Provider, but they may only be able to null-route all the traffic going to your server; that’s not a solution, since it still takes your website or service offline. There is simply no such thing as an instant remedy, unless you are fortunate enough to be using a Hosting Provider or Internet Service Provider that already offers DDoS protection as a service. Otherwise, organizations must consider the time it takes to find a mitigation solution, get budget approval, and then actually implement it. If you can’t sign up for protection directly from your existing provider then, by the time you find, purchase and deploy a suitable DDoS mitigation solution, the damage from the attack has already been done.
Without an always-on mitigation solution in place, and you are hit with a DDoS attack, it is highly likely that your business will suffer. Legacy on-demand DDoS solutions cannot protect you from the impact of the increasingly common short, sub-saturating attacks that are now the cybercriminals tool of choice. Your website or services may be targeted with a volumetric attack that knocks them offline, or at the very least degrades their performance. You might not even be able to communicate with your customers/stakeholders during such an attack crisis, since your normal channels for communication will also likely be impacted. Either way, such attacks consume valuable IT personnel time, and are highly likely to interfere with your customers’ ability to engage with your organization, or your employees’ ability to conduct business. It will likely be a mad, time-consuming, scramble to get all your network or services back online, even after the attack(s) recedes.
There is no substitute for a dedicated DDoS mitigation solution, but in any case, organizations should at least have some form of DDoS action plan in place. They should have staff who are trained in incident management and recovery; who’ll have some understanding of what’s needed to recover from a DDoS attack, and they’ll know what to do, to minimize impacts. Their training can help choose the best defense solution and will help you deal with the fallout from an attack. It’s also a good idea to conduct periodic penetration testing, but make sure to choose a window where you can risk the test attacks taking you offline – Just make sure you test with short, sub-saturating and multi-vector attacks, as well as those which are long-duration and saturating.
The lesson is that an ounce of prevention is worth a pound of cure. The best way to drastically reduce the possibility of being victimized by a DDoS attack is to deploy automatic, real-time DDoS protection, that can surgically remove short sub-saturating attacks as well as large volumetric attacks.
For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s flexible deployment models, click here. If you’d like to learn more, please contact us.