A Distributed Denial of Service (DDoS) can bring the Internet services of any online business to its knees. Such downtime can cause businesses heavily reliant on the Internet to suffer some heavy financial losses.
A recent survey carried out by Neustar, Inc. polled 1,000 IT professionals in North America from various industries about DDoS attacks. They found 300 businesses that said that they suffered at least one attack, from which 35% said that they lost more than US$10k per hour of the attack; 35% of the 300 businesses said that they suffered an attack that lasted more than 24hours.
Businesses would suffer differently depending on the sector; for example, of the 32% in the financial sector who said that they were attacked, 82% said that they lost more than US$10k per hour; compare that to the 16% in the retail sector who said that they were attacked, 67% said that they lost more than US$100k per hour.
These attacks caused negative customer experience, impacted the brand image and caused direct financial losses. It’s important to note that 25% said that they had no way to counteract the attack.
The Caribbean Connection
While it is easy to dismiss the results as being US centric and not relevant to the Caribbean, one merely has to look at the recent attacks on the T&T Government Websites. Even if you may not have online services for customers, what effect would an attack have on e-mail, Virtual Private Networks (VPN) or your own Internet browsing experience? Disruption or degradation of these services will cost your business money and may negatively impact your ability to service your customers.
Most businesses do not take Cyber-Threats seriously, but we need to change that. If we expect to compete on the global level, we need to also manage the global threats that exist; we are no longer islands in the sea.
How to Protect Yourself
A DDoS is hard to prevent, and harder to stop; the only steps you can take are evasive actions. Using techniques, such as multiple ISP links, highly-available Domain Name System (DNS), Intrusion Detection and Prevention Systems (IDS/IPS) and Operating Systems hardening, can help you to withstand an attack. Have your Incident Response Plan or Action Plan prepared to how to respond to such a threat and ensure that it is tested. Then pray that it never happens, but if it does, at least you are ready.