During the second quarter of 2015, Distributed Denial of Service (DDoS) activity was declared to have hit an all-time high, growing in volume by 132% over the last year and 7% since the previous quarter. A DDoS attack typically involves a multitude of systems targeting a single host, flooding the targeted resource with requests from hundreds or maybe thousands of sources.
Knowing the signs of an active DDoS attack is key. Not every disruption to service is the result of a DDoS attack. However, there are a number of signals that could indicate one:
• Abnormally slow network performance, such as when opening files or accessing websites.
• Inaccessibility of a certain website.
• Inability to access any website.
There are two main types of DDoS attack. The first is a volumetric attack, where the attacker generates a large amount of traffic that your site cannot handle; although most of this is junk traffic, increasingly it appears genuine. The second is an application-level attack, which occurs when a hacker mimics human behaviour and may target a specific area of a website such as the logo, continually downloading resources in the hope of exhausting the server.
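One simple signal for the application-level case is a single client fetching the same resource far more often than a browser would. The sketch below is an added example, not part of the original article; the Common Log Format input, the window and threshold values, the documentation-range IP addresses and the function names are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Common Log Format: ip ident user [time] "METHOD path proto" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_repeat_downloaders(lines, window_s=10, threshold=20):
    """Return {(ip, path): peak_count} for clients that request one path more
    than `threshold` times inside any sliding window of `window_s` seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # (ip, path) -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        ip, ts, _method, path, _status = m.groups()
        try:
            when = datetime.strptime(ts, TIME_FMT)
        except ValueError:
            continue  # unparseable timestamp
        q = recent[(ip, path)]
        q.append(when)
        while when - q[0] > window:  # drop requests that fell out of the window
            q.popleft()
        if len(q) > threshold:
            flagged[(ip, path)] = max(flagged.get((ip, path), 0), len(q))
    return flagged

def sample_log():
    """Constructed sample: one client hammers the logo, another browses normally."""
    lines = []
    for i in range(60):  # 6 requests per second for 10 seconds
        lines.append(f'198.51.100.7 - - [01/Jul/2015:12:00:{i // 6:02d} +0000] '
                     '"GET /img/logo.png HTTP/1.1" 200 5120')
    for n, path in enumerate(["/", "/img/logo.png", "/about"]):
        lines.append(f'203.0.113.5 - - [01/Jul/2015:12:00:{n * 3:02d} +0000] '
                     f'"GET {path} HTTP/1.1" 200 2048')
    lines.append("garbled line that does not parse")
    return lines

if __name__ == "__main__":
    for (ip, path), peak in find_repeat_downloaders(sample_log()).items():
        print(f"{ip} requested {path} {peak} times within 10 seconds")
```

Because this kind of traffic mimics human behaviour, a per-client rate check like this is only one input to detection; an attack spread across many sources needs aggregate, per-resource baselines as well.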
With average DDoS attacks capable of clogging the Internet connectivity of many corporations, it is imperative that the implications of an attack are fully understood. Recognise that you are vulnerable and a target, assess the impact on your business in terms of revenue, productivity and reputation management, and then implement appropriate protection to mitigate any attacks.
Mitigation techniques can be split into two main categories: on-premises DDoS protection and IP cloud scrubbing. An on-premises DDoS protector is a real-time defence mechanism which sits on the edge of your enterprise network, preventing an outage by inspecting traffic and blocking attacks in real time, while continuing to allow legitimate traffic to flow without disruption. Cloud scrubbing is a service that can be used as an “always on” option. It works by re-routing traffic to the cloud scrubbing service so that it can be continuously processed. Once processed, any illegitimate traffic attempting to connect to your site can be identified and blocked, while legitimate traffic is allowed back through.
Even if you do not have a DDoS solution in place, it is vital that you know who to contact immediately if you suspect that your company is under attack. DDoS attacks are more prevalent than ever, and every good security proposal should include some form of mitigation in order to alleviate the effects of a service outage.
Blue Chip's offering for DDoS mitigation is the “always-on” solution specifically for volumetric attacks, to provide reassurance for our customers on a 24×7 basis. If you are looking for a solution to smaller, less obvious attacks, then Blue Chip offer an Intrusion Prevention System for our Managed Service clients which is able to pick up on these types of attacks.