Distributed denial-of-service (DDoS) attacks have increased, and research shows that on average, a DDoS attack can cost an organization more than $2.5 million in revenue. As a small or medium-sized business owner, you may be thinking "hackers only use DDoS on the big boys" or "I'm not big enough for them to care." But these disruptive attacks are getting worse, and they're moving downstream. Today, they affect everyone from the largest organizations to smaller companies that are being hit either directly, or as a by-product of one of their service providers being attacked.
In a sampling of customers, Neustar found in a recent study that 78% of organizations that generate $50 million to $99 million per year had experienced a DDoS attack at least once in the last 12 months, and of those organizations attacked, 86% were hit more than once. Small and midsize companies are tempting targets because often they are armed less with heavy tech investments, services, and staff.
Companies also often overestimate the "protection" offered by ISPs and cloud service providers, such as Amazon Web Services. These organizations can only provide so much protection. Their priorities are protecting their backbone and availability services for all customers, not protecting any specific entity. When DDoS attacks become too large and create collateral impact, all traffic to that targeted host starts getting blocked or "blackholed." This effectively takes those businesses offline. To add insult to injury, often if you rely on an ISP or cloud service provider, it will not only bring down your site but also charge you for the traffic overages that happened during a DDoS attack.
Additionally, attackers perform reconnaissance on targeted infrastructures, and it is easy to identify Domain Name Servers (DNS) service providers for online sites. Because of financial and technical acumen factors, many growing businesses opt to provide their own DNS service. This is not difficult and requires little maintenance. The downside is that DNS is an inherently vulnerable service because it needs to be exposed in order to work.
When attackers scout targets, they understand that large DNS providers are highly redundant and highly resilient. In comparison, organizations managing their own service are far more likely to be susceptible to failure and collapse with the right cyber attack. This makes self-managed DNS organizations more-tempting targets, not only because their DNS is easier to attack but also because self-managed DNS often lacks the resiliency and redundancy that make it more difficult to take down and is also likely an indicator of additional (and vulnerable) self-managed security within an organization.
SMBs Are Hot Targets for DDoS Attacks
Neustar research data on almost 200 midsize businesses (organizations that generate $50 million to $90 million per year) found the following in trends in SMB DDoS attacks over the last year:
Because DDoS attacks have grown in severity and scale, small and midsize businesses should be vigilant to the fact that they are increasingly attractive targets. Although cloud and hosting providers can offer some level of protection, these businesses should remember that a hosting provider's priority will always be to keep its backbone and basic services up, and individual site vulnerability will always come second. These organizations must educate themselves about the variety of DDoS protections available in the marketplace and determine which options can cost-effectively meet their needs.
Here are the top five questions that organizations should ask their DDoS protection providers:
As large enterprises become more sophisticated in their DDoS defenses, small and midsize organizations will continue to become an increasingly attractive target for attackers. Start asking these questions and putting in place protections now, before your brand, reputation, and bottom line take a hit from these attacks.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.Nicolai Bezsonoff is the General Manager of Security Solutions at Neustar. He spearheads the company's industry-leading DDoS, DNS, and IP intelligence solutions, including its cybersecurity operations. Previously, he was the co-founder and COO of .CO Internet, a successful ... View Full Bio