What are DDOS attacks and how should Utah businesses prepare for them?

You’ve probably heard of DDoS attacks before — they’re some of the most common cyberattacks out there. They’re also growing more sophisticated. Generally, the perpetrator attempts to slow down or disrupt a network by overwhelming it with a flood of internet traffic and service requests, until the whole system crumbles under pressure and shuts down.

Experts warn that these common attacks are now growing much larger and more sophisticated. In 2015, the largest DDoS attack consumed around 500 Gbps of data; within a year, that number had doubled, to around 1 Tbps.

And, whereas once it took a skilled cybercriminal to carry out an attack, new, automated tools are putting increasingly sophisticated versions of DDoS attacks into the hands of smaller and less skilled actors. A relative newcomer can purchase a mid-sized DDoS capable of taking a company offline for an entire day for a few hundred dollars on the dark web now. And analysts say the number of DDoS attacks on the private sector has been increasing by 15 percent annually.

Because of Utah’s growing local economy and increasing attractiveness to top international enterprises, it is at the top of many cybercriminals’ hit lists.

Every business needs protection

No matter what sector you operate in, it’s imperative you have some sort of DDoS protection. But many of the classic forms of protection lack adequate safeguards against the nuances of more recent DDoS attacks.

So what’s the best way to stay protected? Consult a professional managed IT services provider (MSP) to tailor a solution that fits your business’s needs and prepares you for a host of cyberattacks.

Plan ahead

Your plan will depend on a thorough security assessment of your business and IT infrastructure. It will prove essential when an attack occurs since there is no time to think about what to do next — you must be prepared to jump into autopilot. Your first act can often define the success of your defense. While details will depend on company size, risk exposure, and several other factors, certain elements remain constant. They include:

• Tools checklist – Create a list of the tools in your response arsenal so you can more easily identify any holes that may pop up in your defenses. Ideally, you should safeguard your systems with advanced threat prevention systems, firewalls, and security monitoring services. Review your list regularly with a professional to make sure that everything is up to date, since DDoS attacks are ever-evolving.
• Response team – Before disaster strikes, have a team of trained staff assigned to perform each task in a predetermined chain of responses, and make sure everyone knows exactly which task they are responsible for. Again, the exact chain of responses will depend on company characteristics and is best formulated in consultation with a cybersecurity professional.
• Team-wide training – Aside from a dedicated response team, there are certain things your entire staff should be trained on. For instance, make sure every employee can identify the early warning signs of a DDoS attack and they know who to contact if they suspect an attack may be occurring.
• External communications – Less of a technical consideration, but for the sake of business continuity and maintaining positive customer relations, it’s also imperative to design an external communications strategy to let customers, investors, other stakeholders, and the general public know if they need to expect service interruptions, etc. — and that your team has precautions already in place and is responding to the threat now.

These may sound like basic precautions, but they are simple steps that too many businesses in Utah neglect at their own peril. To tailor the specifics of these plans and precautions to your unique business, speak with a NetWize technician today.