Cyber Security
The best ways to fend off DDoS attacks By Martin Ryan
18 | Australian Security Magazine
W
hen Australia’s largest wireless broadband provider Cirrus Communications suffered a distributed denial of service (DDoS) attack in July 2014, the attack had hit Cirrus’ core network, rather than the radio equipment on the edge, knocking out half of its network. Following the incident, the broadband provider admitted that it had experienced “struggles” in the wake of the event, and further reports suggested that the attack had disrupted communications to other carriers that use Cirrus’ services. It would be naïve to think that DDoS attacks are rare. In fact, many reports indicate the opposite. According to BT Global Services, 64% of Australian organisations were hit by DDoS attacks in 2014, which was the highest out of all 11 geographical areas measured in the report. Not only are DDoS attacks common, the ones seen in Australia are shorter and more aggressive. According to ARBOR Networks the attack length in Australia during the first quarter of 2015 was 22 minutes, versus 46 minutes in Asia Pacific (APAC). The average DDoS attack was 1.25 Gbps, compared with the APAC average of 483.65 Mbps—a dip from the last quarter of 2014 where the average DDoS attack in Australia was 1.34 Gbps and the average APAC attack size was 500.68 Mbps. Considering the statistics, organisations should already have a solid plan in place to counteract such attacks, but in reality, only 24% of Australian organisations said that they
have sufficient resources in place to counteract a DDoS attack, according to the same BT Global Services report.
It Pays to be Prepared Due to the growing ease of launching DDoS attacks, the demand for DDoS prevention solutions is also on the rise. IDC has forecast that the worldwide market for DDoS prevention solutions will grow by a compound annual growth rate (CAGR) of 18.2% from 2012 through 2017 and reach $870 million. DDoS attacks are not only obnoxious to deal with, but they can be a great detriment to your company. Companies that have undergone DDoS attacks have experienced the following: Loss of income: For ecommerce giants, just a second of downtime could mean thousands in lost revenue. Even if your company isn’t as large as Amazon or eBay, any amount of profit loss due to downtime should be cause for concern. Not only do you miss a potential sale in real time, that customer is less likely to come back and try to purchase from you again in the future. A recent study by Kaspersky Lab and B2B International estimated that a DDoS attack on an organisation’s online resources might cause losses ranging from $52,000 to $444,000.