Ignorance is not always bliss, especially when it comes to DDoS attacks. A recent Akamai State of the Internet report claimed that DDoS attacks grew seven percent since the last quarter, a staggering 132 percent rise compared to last year's equivalent quarter.
“Many Indian IT professionals think they’re safe from DDoS attacks either with protections in their current firewall, switches and other network devices, or mistakenly think their ISP is able to provide 100 percent mitigation,” said Rajesh Maurya, country manager, India & SAARC, Fortinet.
According to Symantec, in 2014, India ranked number one among countries that witnessed the highest volume of ‘originating DDoS traffic’.
Beyond ignorance, the cost involved in carrying out a DDoS attack is another reason such attacks are gaining ground.
Shrikant Shitole, MD, Symantec India, said that such attacks are simple to conduct for the attackers, especially with DDoS services which are available on hire for less than $5 (Rs.300) to perform the attacks for a few minutes against any target.
Even though enterprises are going all out to embrace the digital wave, most of them are yet to realize that digitization makes them vulnerable to threats like DDoS.
Why you might be a target
Sudeep Charles, product marketing manager – Asia Pacific & Japan, Akamai, said that enterprises are under the misconception that a single investment in technology such as an on-premise firewall will protect the business against multiple kinds of threats.
Maurya said that a common reason why organizations fall prey to DDoS attacks is that they think they will not be breached and the reason behind this is ignorance and lack of seriousness regarding the issue.
“Security professionals usually only hear about DDoS attacks happening to other organizations. They think that they don’t have enemies or have any other reason to be the target of an attack. In reality, their perception of risk factors and susceptibility are often misplaced. Simply having a web presence makes them a target, even if by mistake,” Maurya added.
Nonetheless, as DDoS attacks surge, there are organizations that are gradually taking steps to understand the significance of such a threat. Shitole said that a certain segment of savvy organizations is now asking developers to state how to respond to a DDoS attack.
Perils of DDoS attacks
It cannot be denied that the kind of collateral damage DDoS attacks create is very real, especially when one takes into account IT architectures that are reliant on shared services. The broad impact of DDoS actually goes beyond IT.
"A DDoS attack targeted at one web site is bad enough. But what happens when that single attack poses the distinct possibility of doing even more damage than originally intended? It can rupture brand reputation and customer confidence. Talking money, it can cause revenue losses owing to an inactive website and also has the potential to hit stock prices and investor confidence," Charles highlighted.
Even worse, a DDoS attack can not only bring about a crisis in businesses but also impact socio-economic conditions.
Maurya said that DDoS attacks are mainly motivated by politics, regulations and finance. He further added that political attackers target those that disagree with their political, social or religious beliefs. “When a botnet gets shut down or major cybercrime ring is busted, it can trigger retaliatory attacks against those who aided or assisted the authorities,” Maurya said.
On the other hand, Maurya said that financially motivated attacks are a pay-to-play scheme, where hackers are compensated by a third party to conduct the attack on their behalf.
Businesses that are born in the digital space, like ecommerce companies, should be even more worried about DDoS threats.
Shitole said that DDoS attacks can bring online stores down which may result in loss of customers, revenue or in some cases, even repression, depending on the granted service-level agreements.
With the rise of botnets and DDoS attacks, the security scenario has become so complex that it is indeed difficult to determine what kind of traffic should be blocked and what should be allowed to ensure a profitable business.
Charles rightly points out that CIOs must assume that in the case of attacks it’s not about 'if' but 'when'. So, it’s best to follow certain best practices.
Talking about a few areas where enterprises are going wrong, Maurya said that most organizations spend a lot of time and effort choosing a DDoS mitigation solution; however, they often don’t apply the same level of diligence to testing their defenses. He also highlighted that relying on a vendor’s word and datasheets isn’t the best way to make sure one is protected from DDoS attacks.
“The best solution is to have a layered protection approach that allows filtering at various levels, depending on the type of attack. A DDoS attack scenario should be part of every incident response plan,” said Shitole.
Even though it's said that what cannot be stopped must be endured, advancements in technology have given birth to tools that can help organizations face and detect threats.
"If needed, enterprises should outsource security, alongside making sure that big data is being used in order to proactively defend business critical online properties and applications," said Charles.
Shitole said that while dealing with DDoS attacks, it is crucial to have a response team ready. "IT heads should know and understand the network's normal behavior and also ensure a layered filtering approach towards security," Shitole added.
In a nutshell, it remains to be seen if Indian enterprises will actually move beyond the state of ignorance when it comes to DDoS attacks and build a strong defense against them.