When the day winds down and you settle against your pillow to read the news on your phone, once in a great while you’ll read about something and think “Wow, that’s a big problem…but it’s not my big problem,” and even though some corner of the world is assuredly going to hell in a handbasket, you can’t help but feel relieved.
That’s how the average person likely feels when it comes to DDoS attacks. These big bad cyber incidents have been grabbing mainstream headlines for well over a year now, but if you don’t know the full story of these attacks, you might figure they fall under the category of Nothing to Worry About. Whether you own a website or business or you’re just a run of the mill internet user however, let it be known, DDoS attacks are Something to Worry About.
A basic explanation
On the surface, what is the meaning of DDoS is a question with a fairly straightforward answer. DDoS stands for distributed denial of service, a type of cyberattack that seeks to overwhelm a target website’s server, network or other infrastructure with a massive amount of malicious traffic or requests generated by a botnet. When the target website is hit with more than it can handle, it’s rendered unusable because it’s either way too slow or it gets pushed offline altogether. That is how a website’s services are denied to its users.
DDoS attacks are nothing new; they’ve been plaguing websites and online services for over 15 years now. What is relatively new, however, are the DDoS for hire services that make it simple for anyone with an internet connection to launch an attack, the unwieldy Internet of Things botnets that are behind the biggest attacks in the history of the internet, and the impressive sums being paid to expert attackers to target fintech companies, online gaming platforms and other high-profile targets. All told, it’s ugly out there.
Unsavory facts and figures
In 2016 in a survey conducted by analytics firm Neustar, 73% of over 1000 corporate executives indicated that their organizations had been targeted by a DDoS attack in the previous 12 months. If you think that’s bad, the 2017 survey has come barreling in with 85% of executives saying their organizations have been targeted in the last 12 months, and 86% of the organizations targeted having dealt with more than one attack.
On average, it took organizations about three hours to respond to these attacks. That’s three hours of downtime, which leads to bad enough consequences on its own, but as the Neustar survey indicates, many of those attacks came with nasty side effects.
Why business and website owners have to care
Business and website owners have multiple reasons to be concerned about DDoS attacks, and many come down to the almighty dollar. For larger companies, an hour of a successful DDoS attack can cost between 20 and 100 thousand dollars. For companies of all sizes, the long-term ramifications of a successful attack are possibly even worse than those figures. The frustration and distrust that a DDoS-caused outage can stir up in a website’s users or a business’s customers isn’t easily forgotten, and with so many competing websites ready to step in for those users and customers, the loss of loyalty can be deadly.
Furthermore, it isn’t just outages that can be caused by DDoS attacks. According to the Neustar survey, 47% of organizations found virus activity on their networks after an attack, 43% found malware activated, and 32% uncovered a data breach.
Why virtually everyone should care about DDoS attacks
Amongst the oft-targeted are internet service providers and domain name servers, services tasked with keeping a large number of websites online and usable. When they’re hit with successful distributed denial of service attacks, swaths of websites go down like dominos. Last fall a domain name server called Dyn was smashed with an attack so large (thank you, Internet of Things botnet) that mega-popular websites including Twitter, Reddit, the New York Times, Spotify and Etsy went down with it, leaving users out in the cold.
DDoS-caused outages may leave you shrugging. If it doesn’t matter to you that you can’t access your favorite online game whenever you want, and if a morning without Twitter doesn’t sound like a terrible thing, you may still be wondering why you need to care about DDoS attacks. The reason is in the last line of the last section: those 32% of attacks that were accompanied by a data breach. For the most part, it isn’t intellectual property that hackers are after. It’s consumer data. Personal information, login information, payment card information, confidential healthcare information, it’s all got a price tag on the dark web, and you can bet that when your data is compromised, it’s sold to the highest bidder.
Repondez, s’il vous plait
Attackers have been finding a lot of success with DDoS attacks. As such, they aren’t going to go away anytime soon, or anytime not-soon, for that matter. It’s left up to website and business owners as well as internet users to respond.
Websites and businesses need to have professional protection against these attacks. With today’s attack-ridden landscape, there’s no other option. These attacks cannot be prevented, so they need to be dealt with at a speed only professional mitigation can muster.
The average internet user may feel powerless to stop these attacks, but they can help solve the problem by securing all internet-connected devices to keep them from becoming a part of a botnet. Some internet users may also make a point to avoid websites or businesses that repeatedly fall victim to attacks and seemingly don’t step up their DDoS protection game. This may seem harsh with the high number of attacks flying around, but DDoS attacks are quickly becoming everyone’s problem, and everyone has a right to deal with them the way they see fit.