As mentioned in our previous post, cyberattacks are becoming increasingly prevalent and more sophisticated and pose a massive risk for business continuity. Despite great strides made with internet security technology, distributed denial of service attacks (DDoS) continue to disrupt business continuity.
What is a Distributed Denial of Service (DDoS) attack?
Cybercriminals typically execute DDoS attacks by flooding a device or environment with excessive traffic to overload the device or environment. This, in turn, prevents legitimate traffic to flow. The attack simulates increased traffic through automated processes. A typical indication that your website, for example, could be under a DDoS attack, is when it becomes extremely slow as traffic increases disproportionately. The goal of a DDoS attack is to render a device or environment unusable for its intended purpose. Although cybercriminals more often direct a DDoS attack to take down a website, it can also be utilized to disrupt any application environment and so prevent business functions from operating normally. DDoS attacks are particularly hard to combat because of the difficulty to distinguish good traffic from bad traffic.
Types of DDoS attacks
Distributed Denial of Service (DDoS) – Cybercriminals direct traffic requests from numerous different sources to “attack” a website. As these sources all have different IP addresses, and can generate as much as a terabit of traffic per second, blocking the requests becomes near impossible. This is the most frequent type of attack.
Advanced Persistent DoS (APDoS) – This is a more sophisticated and complex DoS attack that is often focused on a specific target, for example, big corporates and governments. The goal is, as the targets would suggest, political or economic. This type of attack requires substantial hardware resources and APDoS assaults are usually executed by groups. Attacks are launched at various intervals and different request types with continuous switching to prevent DoS protection from initiating.
Denial of Service as a Service – This type of attack is masked as a web front-end “stress” test service. The service appears and are marketed as legitimate. The attackers market a service that can be used to test an environment’s response to a stressor (such as a simulated DoS attack) to determine if it is capable of handling the volume. They may be legitimate (or marketed as such) services used to perform stress testing of an environment to determine if it will handle the planned volume.
Email bomb – An email bomb attempts to overload an email environment by transmitting a massive amount of spam messages.
We have discussed business continuity planning in our eBook, Layman’s Guide to Business Continuity Planning but cannot stress this enough: effective business continuity planning identifies the critical resources required for an organization to continue operating during a disruption. In this particular case, critical resources refer to those resources that will keep your organization functional during a detrimental DDoS attack. The top three resources to consider are risk management, security solutions and operational risk mitigation.
It is crucial to factor in cybersecurity when devising your organization’s business continuity plan. For more information about Plan4Continuity, visit http://www.cloudoakchannel.com/business-continuity-planning/ or contact us at firstname.lastname@example.org.