Picture this: It’s Black Friday and it’s time to take advantage of the massive sale on your favourite online shop. You’ve been receiving emails all month in the run-up to the day and you’ve bookmarked several items that you just have to have – and their prices for one day only are ridiculously low. You open the browser, head to the store and….
You find yourself staring at a blank page. The service is unavailable. You refresh. You close the browser and reopen it. You clear your cache. You restart your modem. Rinse, repeat. Still nothing. The site is down.
You phone the site’s customer service call centre and are placed in a queue. After waiting for 20 minutes, you know something is wrong. The queue for a call centre employee is huge. What’s going on?
You check on social media and posts about the Black Friday sale on this retailer are exploding with rage. You’re clearly not the only one having this problem. You are finally able to talk to one of the store’s employees and they say the site is down due to a Distributed Denial of Service (DDoS) attack. You ask how long the site will be down. They don’t know.
This site could be down for hours. It could be down for days. Glumly you go in search on other retail sites for the items you want. They’re not as cheap, but they’re available. As you make your first purchase, you angrily vow never to visit that other online retailer ever again.
DDoS attacks are on the rise
If this scenario sounds frustrating for a customer, imagine what it must sound like if you are the owner of a retail site under the same circumstances. A DDoS attack – which is what happens when an attacker floods a server or network with internet traffic to prevent users from accessing connected online services – can cost you untold damage in both earnings and reputation.
Retail sites are not alone; DDoS attacks can be targeted at any enterprise that operates in the online space, including corporations, financial institutions, NGOs, gaming networks, ISPs and even governments. And unfortunately, they’re on the rise.
In the last year, cybercriminals launched over 9 million DDoS attacks, with around 4.4 million occurring in the second half of 2021. Simply put, no business can afford to be without protection against such attacks. They are a vital part of any cyber security conversation.
Protect your networks
Businesses can guard against against DDoS attacks by purchasing a service that can act as a barrier to any attempt to overload their network with traffic. One such service, Liquid’s recently launched DDoS Secure mitigate attacks by scrubbing traffic and blocking known attackers or hostile traffic. On top of this, this service can give clients a line of sight into an attempted disruptions by providing reports on any attacks.
Services such as these provide businesses with a crucial layer of protection. They ensure work is not interrupted by DDoS attacks, prevent revenue loss, and safeguard the reputation of their clients. Beyond this, they increase businesses’ potential for growth through tenders and partnerships, by granting them DDoS compliance – more opportunities open up once an enterprise can demonstrate that its network and day-to-day operations are secured against attacks of this type.
With DDoS attacks constantly on the rise, it pays to have higher visibility of potential attacks, be able to automatically mitigate threats and secure your business’s reputation, compliance and its bottom-line. DDoS protection is essential for businesses operating in our ever-increasingly connected world.
By Lorreta Songola, Regional Chief Business Officer, Central African Region, Liquid Intelligent Technologies
You’re not too small to be DDoS’d
They do say ‘better safe than sorry.’ Do not think because your business is small no one would attack it. That’s especially the case when you rely on some website for some of your business and operations.
These criminals are improving in their craft and many are joining their ranks every day such that there aren’t enough large enterprises to go around. They are coming after the small businesses now.
Above we saw that Liquid has a solution to help fight against DDoS attacks. There are other solutions out there and you can shop around for what works with your budget. But even if you’re working with a negative balance, there are measures you can take to reduce your exposure.
If you use cloud services then you may have a little protection already. Cloud providers offer some DDoS prevention and are particularly good at preventing volumetric attacks.
One of the most important things you can do is come up with a DDoS response plan. Just plan for the worst. Prepare checklists on what employees should do, who they should call, how to maintain operations and other stuff that seems obvious but is crucial when it comes down to it.
The other stuff you can do is:
Increase your bandwidth – it’s simple really. More bandwidth means better ability to handle some traffic spikes. It won’t be enough alone but it’s more work for the attackers so it’s a no-brainer.
Have server redundancy – if one server is hit the others can pick up the slack until the attacked one is back online. It’s the age old ‘don’t put all your eggs in one basket.’
Use CDNs – content delivery networks offer server redundancy. They also specifically offer DDoS protection.
There’s more including diligence in monitoring network traffic, limiting network broadcasting and other stuff you are better off talking to the experts about.
Also read:
Cloudflare wants to get rid of CAPTCHAs, this is not the way
Kaspersky finds cybersecurity backdoor targeting African govts & NGOs
“95% of cybersecurity breaches are traced to human error” – World Economic Forum
5 comments
A reliable ISP should also be able to detect and mitigate surges in malicious traffic. A DDOS affects the overall network performance, not just the targeted client.
I agree a good ISP should have means to detect and mitigate such an attack
Hehe. Not many ISPs can sustain a full-scale DDOS. Ref below, most of the attacks mentioned are well above the entire IPT capacity of this country 😀
https://www.cloudflare.com/learning/ddos/famous-ddos-attacks/
That’s outdated now, there’s a recent one much bigger than that yakarohwa a Gsuite user. Luckily the owner managed to implement security measures in time thanks to Google’s System.
I see liquid is trying to peddle their services through techzim again? why was this not labelled as sponsored content so that we know to skip the whole sales pitch?