Cyber attacks are getting bigger and smarter. Are you vulnerable?

Have you ever tried to buy tickets for a huge event and found that the seller’s website has collapsed under the weight of thousands of people all trying to do the same thing at the same time?

The ticket site falls over – usually temporarily – because the server is overloaded with traffic it doesn’t have the capacity for.

Criminal Distributed Denial of Service attacks – DDoS, for short – exploit the same principle.

When a DDoS attack targets a business, it floods it with internet traffic in an attempt to overwhelm the system and force it to fail.

This results in the business and its customers being unable to access services. That may trigger a temporary failure, or it could be more serious. Last year, the average DDoS attack lasted 50 minutes.

That may not sound like a long time, but it’s enough to create angry customers, or to bring business to a grinding halt. And downtime can be costly.

The really bad news is that DDoS attacks are not only lasting longer, but they’re becoming bigger, more sophisticated and more common.

Recently, the biggest ever reported DDoS attack was reportedly blocked. At its peak, it sent 71 million requests per SECOND to its target’s servers. Prior to that, the biggest reported incident stood at 46 million requests per second.

Worse still, more businesses are reporting being targeted by DDoS attacks where criminals are demanding huge ransoms to stop the attack.

What does this mean for you?

It’s important you check all your security measures are up-to-date and working as they should be. If you haven’t recently, you should check in with your MSP and make sure that you’re properly protected.

And don’t be vague! Make sure that you ask the right questions.

1. Do we use a Content Delivery Network (CDN)?: A CDN can help distribute traffic to multiple servers, reducing the impact of a DDoS attack on a single server. This helps to keep the website accessible to legitimate users even when under attack.
2. Have we implemented a Web Application Firewall (WAF)?: A WAF can filter out malicious traffic and prevent attacks by blocking traffic from known malicious sources or patterns. It can also help to identify and block traffic that is attempting to exploit vulnerabilities in your website or application.
3. Are we keeping software and hardware up to date?: Regular updates and patches can help to close security holes that can be exploited by hackers. It is important to keep both software and hardware up to date, including firewalls, routers, and servers.
4. Do we use strong authentication and passwords?: Weak passwords are easy to guess and can be used to gain access to systems that can then be used in a DDoS attack. Strong passwords and multi-factor authentication can make it more difficult for attackers to gain access to your systems.
5. How are we monitoring network traffic?: Regular monitoring of network traffic can help detect unusual traffic patterns that may be indicative of a DDoS attack. This can enable you to take action quickly to mitigate the attack.
6. Do we limit network access?: Restricting access to networks and systems to only those who need it can help prevent unauthorized access and limit the scope of a potential DDoS attack. This can also help to prevent attackers from gaining access to sensitive information.
7. What Anti-DDoS services do we use?: Anti-DDoS services can provide additional protection against DDoS attacks. These services can include real-time traffic monitoring, traffic filtering, and other measures designed to protect against DDoS attacks.

Ideally your MSP should be able to handle the bulk of the work, but you still have to make sure that they’re doing it, and you have to make sure that your team is fully aware of the importance of staying vigilant.

We can help make sure your business stays protected. Just get in touch. Published with permission from Your Tech Updates