A Distributed Denial of Service attack – better known by the acronym DDoS – is a type of cyber security threat which aims to hamper the performance of business networks. Unlike other forms of malicious cyber activity such as hacking, phishing or malware, the primary aim of DDoS is not necessarily to steal sensitive data or give an intruder remote access to a system.
What’s the aim of a DDoS attack and how does it happen?
Instead, the main goal of DDoS is disruption – to bring down or significantly degrade performance of websites, mobile applications, cloud-based services, and any type of IT system that relies on network communication. A DDoS attack works by flooding a target network with traffic, usually by sending a barrage of requests from multiple, often untraceable sources at once. Under the strain of this level of network traffic, systems will either struggle to carry out ordinary tasks efficiently and effectively or, in the most extreme cases, stop functioning entirely.
Number of attacks are increasing, yet they are on a smaller scale
The number of DDoS attacks increased by 84% in the first quarter of 2019 compared to the last quarter of 2018. Such high figures are partly down to cyber security experts gaining a more sophisticated understanding of the tactics perpetrators of DDoS attacks employ. In the past, most of the focus was on large-scale incidents which were conspicuous because they ground entire business services to a halt.
Now, however, the majority of DDoS attacks are much smaller and are launched with the specific aim of going undetected. Instead of causing a catastrophic outage to a business network, they instead aim at lower-level disruption – slowing down a website, interrupting data transfers, making certain tools and features in applications unreliable. These are known as sub-saturated attacks, meaning a system is inconvenienced without being totally overwhelmed. By having a less obvious impact, DDoS attacks may continue for weeks unnoticed, or the same targets may be hit repeatedly. According to one report, 86% of businesses affected by DDoS suffer multiple attacks.
Reputational damage is now a big danger posed from DDoS attacks
This evolving understanding of DDoS has also led to a shift in how businesses perceive the threat. When DDoS was mainly talked about in terms of full system outages, the main risk highlighted was the direct loss of revenue. But now things are viewed differently. According to a study by Corero, just 13% of businesses now view loss of revenue as the biggest danger posed by DDoS. By contrast, 42% see reputational damage arising from underperforming and compromised websites, apps, communications systems and other IT assets as the most significant threat.
This is an important breakthrough in the battle to raise the bar on DDoS protection across the industry. While massive, catastrophic DDoS attacks grab headlines and can lead to enormous financial losses for the victims, they are relatively few and far between. This has in the past fuelled an air of complacency around DDoS, a sense of “we’d be unlucky if it happened to us.”
The growing awareness that DDoS is more commonly about smaller-scale, low-key attacks that could be happening to your business right now has changed the conversation around DDoS mitigation. Company owners and IT teams are beginning to wonder what might be causing those little glitches and go-slows that previously might have been taken for granted and are becoming more proactive about taking preventative measures. With the conversation focusing on customer experience, quality of service and brand reputation in the digital world, every business has a renewed incentive to take DDoS more seriously.
Here are four ways DDoS attacks could be threatening your brand reputation right now, and why you should be actively seeking ways to protect yourself with a professional DDoS service.
1. Website disruption
The most obvious way DDoS attacks damage brand reputation is when they cause web-based services and applications to stop working properly. For any business with a digital presence, things like page loading speeds and availability are absolutely crucial to the customer experience. And the fact is, customers are not very tolerant of things not functioning online.
For example, a quarter of people will give up trying to look at a web page that takes four seconds to load. For ecommerce sites, a slow-loading checkout increases the rate of abandonment by 75%. Speed and efficiency have become table stakes for any brand that runs a website. A DDoS attack doesn’t have to freeze your site completely to drive customers away and stop them returning.
DDoS mitigation measures that can help counter the impact of sub-saturated attacks on your web assets include things like load balancing and database caching to help deal with any sudden traffic spikes and allowing you to scale up available resources as required.
2. Slowed down business systems
It isn’t just websites that are vulnerable to DDoS attacks, and nor are they the only type of digital asset that has an impact on how customers, clients and business partners perceive your business. In the modern world, everything from EPoS tills to company accounts systems, VoIP telephone lines to IoT sensors run on networks.
When those networks are blasted with unwanted traffic from DDoS attacks, your tills and card payment devices stop working as fast as you need them to, leading to queues forming and customers becoming disgruntled. Underperforming ERP and finance systems can lead to delays placing orders or paying invoices, upsetting suppliers. If your communications system is affected, customers calling or messaging your contact center might not get the efficient service they expect. And in modern ‘smart’ factory environments, poor network performance means production lines don’t work as well as they should, potentially impacting on ability to meet order deadlines.
All in all, DDoS can hurt the customer experience and prevent a company from meeting its SLAs in multiple ways, because it can negatively affect networked IT systems in all sorts of ways. The thread that links all of them is damage to your reputation.
3. Data breaches
We said at the top of this article that the primary aim of DDoS is disruption rather than theft, fraud or any other objectives widely associated with cybercrime. However, DDoS attacks are increasingly being used by cybercriminals in conjunction with other tactics to help them gain access to protected systems and steal valuable data. For example, a DDoS attack targeted at a network’s security protocols can render it open to exploitation, while legitimate users are frozen out and rendered incapable of taking remedial action. In other cases, DDoS is used as a diversionary tactic to draw the attention of security professionals while hackers compromise systems in other ways unnoticed.
Data security has become a high stakes game for businesses of all types. Traditionally, financial institutions subject to tough data protection regulations such as PCI and MiFID have been particularly vulnerable to heavy fines and reputational damage resulting from lapses in data protection. But now, with GDPR in Europe, every business has a legal obligation to take adequate measures to protect personal data it holds from all potential risks, including those posed by DDoS and associated forms of cybercrime. DDoS protection now needs to be viewed as part of the broader data protection agenda.
4. Source of the attack
Finally, the way that DDoS attacks proliferate and generate the traffic required to compromise systems can also lead to embarrassment and reputational damage to a company. DDoS perpetrators often use what are known as botnets, networks of compromised devices that they are able to control remotely, to orchestrate attacks. Individual botnet cells are known as zombies and can take many forms – personal computers, smartphones, company servers, IoT devices, essentially any type of networked device.
It is often possible to trace the traffic from a DDoS attack back to the individual zombies it originated from. This can draw unwanted attention to your business – if any of your IT assets have been compromised and form part of a botnet, it doesn’t look great if the first you know about it is when a damaging attack on another business is traced back to your resources. While it’s highly unlikely there’s be any suggestion that you were responsible for the attack, questions might well be asked about your security protocols. Anti-DDoS measures are about helping to keep other IT users safe as much as it is about protecting yourself.
Find out more about DDoS protection from M247 and how we can help protect your business and it’s reputation.