Distributed Denial of Service – DDoS – statistics show there is no decline in the number of attacks being launched or in the scope and impact of these attacks. In fact, DDoS data from Link11 for the second quarter of 2019 shows that there was a 97 percent year-on-year increase in average attack bandwidth for the period. It says the average attack bandwidth, for the same period in 2018, jumped from 3.3 Gbps to 6.6 Gbps in 2019, making it extremely easy to simultaneously overload the broadband connections for many companies.
The data also indicated that maximum attack volumes between April and June 2019 increased by 25 percent year-on-year and 19 more high-volume attacks with bandwidths over 100 Gbps were registered in quarter two of this year.
In simple terms, the gap between DDoS attack volumes and organizations’ ability to withstand them is widening every quarter. Businesses must therefore take greater steps to protect themselves against DDoS attacks and the impact that follows.
But before we go into the impact of an attack, let’s look at how an attack works.
Table of Contents
What are DDOS attacks?
A DDoS attack is an attempt to disrupt and deny access to services or network resources.
During an attack, the targeted website is flooded with unwanted, illegitimate traffic from several computers. The aim is to overwork the system, slow down the speed or crash the server. Once this happens, legitimate requests cannot be filled and authorized users are denied access.
Imagine a number of strangers standing at the front door to your house preventing you from entering. That’s how a DDoS attack function.
Types of DDoS Attacks
There are four main types of DDoS attacks:
- Volume Based attacks- These are also known as a traffic flooding attack. The aim is to inundate the bandwidth of the target site and cause legitimate requests to be lost.
- Bandwidth attacks – These cause a loss of network bandwidth and equipment resources by overloading a website with junk.
- Protocol attacks – In these attacks, actual server resources, such as firewalls and load balancers, are consumed. They include SYN flood and fragmented attacks.
- Application attacks – These requests seem legitimate at first, but their aim is to crash your server by draining the resources in the application layer and rendering your system services unavailable.
How DDoS Attacks Impact Businesses?
DDoS attacks are getting more sophisticated and more frequent which means, businesses are becoming more vulnerable and must start asking themselves about the impact a single DDoS attack can have on their business.
Speaking of impact, how does a DDoS actually impact your business?
Erosion of trust
DDoS attacks are never welcomed guests. They show up, interrupt your operations and leave you with a host of consequences to deal with. The effect may vary, but according to a recent study by Corero, the most damaging consequence you will experience, is the erosion of customer trust and confidence.
Statistics from the study show that data theft (26 %), potential revenue losses (13 %) and intellectual property theft (10 %), were all rated less damaging than the loss of customer trust and confidence. In fact, IT professionals rated it at 42 %, making it the worst effect of a DDoS attack.
If your business is to provide network and web services, that’s what you are expected to do. These services must be up and running at all times if you want to establish and maintain their trust and confidence and ensure they are satisfied.
This is crucial to both retaining and acquiring clients, so when an end user is denied access to the services they pay for or the service is performing below par and affects their experience, your brand’s reputation is impacted and a bad reputation is not good for business.
Some of the more advanced attacks can lead to sensitive information being stolen, which gives customers another reason not to trust your brand.
This brings us to our second impact of DDoS.
Loss of Revenue
There are a myriad of ways that DDoS attacks cause businesses to lose money.
Think about the costs associated with the resources that’ll be needed to fix the problem, which is generally the case. More than fifty percent of DDoS attacks lead to software and or hardware being replaced.
Lack of access to services:
When your site is down, customers have no access to the services you offer and this is what does a lot of the damage. Customers will oftentimes leave the affected company out of fear of future security issues. Some clients’ simply do not want to have to worry about their service being unavailable, so they find an alternative provider. When clients leave, they take the company’s earning with them and revenues are lost or a business may be forced to declare bankruptcy.
Most companies know that, even a few minutes spent on resolving the issue, can be costly and could affect the company’s bottom line. Instead of moving forward with other projects, human resources are focused on the attack and its impact which could lead to them working overtime, which the company has to pay for. In some instances, help has to be outsourced and this can be quite costly.
Prevent or mitigate the impact of a DDoS-attack
The first rule of thumb is to note that no website it immune to an attack. If your website is big enough to make money, it is a target for a DDoS attack.
But not to worry, most issues can be avoided with good general internet practices like, not opening spam mail or downloading applications from sketchy, file sharing websites, etc. If you are not sure a website is legit, always remember,’ when in doubt, leave it out.’
Basic things like monitoring the traffic to your website along with those listed above can prevent an attack, but they will not protect against everything. In that case, ensure you have a robust anti—virus solution and ensure your web hosting provider has a strong firewall.
This is crucial as, while it will not provide protection against everything, it ensures you don’t have to worry about simple attacks, because it blocks them. Another way to stave off attacks is to ensure your web hosting provider uses software and humans to monitor the system 24 hours a day. This lets the hosting provider’s firewall block the suspicious activities and allots time to deal with them without impact on your site.
So, the web hosting provider you choose can be one of the ways that you prevent or mitigate the impact of a DDoS attack.