When we think of cyberattacks, we think of three possible impacts involving confidentiality, integrity, and/or availability. DDoS attacks impact the third leg of this stool, availability, and don’t directly involve a loss of data or privacy. While this can be serious if you’re talking about something like an attack against a utility provider, it is typically a less serious system performance disruption. It’s also worth keeping in mind that DDoS attacks can be masks for other attacks. By keeping an MSP or IT department focused on dealing with the DDoS attack, cybercriminals can often launch a more serious and invasive attack in the background.
Part of the impact of DDoS also has to do with timing. In the Labour Party instance, for example, the timing was about a month before the upcoming UK election. Another example of why timing can make a huge difference with DDoS was the attack against Amazon on Prime Day in July of last year. The service was down for approximately an hour, costing the retailer an estimated $75 million USD.
So the potential seriousness of this attack in the UK is more about the fact that the UK’s Labour Party may now be on someone’s radar. This kind of attack could be an initial attempt to do harm, with more serious attacks to follow.
“If this is a sign of things to come in this election, I feel very nervous about it all, because a cyberattack against a political party in an election is suspicious and something one is very worried about,” said Labour leader Jeremy Corbyn.
How can businesses prevent DDoS attacks?
We’re living in a world where everything is connected. This means criminals now have many more internet-enabled entry points. Today things like baby monitors, cameras, or even refrigerators can all be compromised and utilized in an attack (as part of a botnet). Businesses that rely on uptime need to put services in place, usually through their ISP or global service provider, that can help them be more resilient to DDoS attacks. For example, in the Labour Party’s case, their hosting provider, Cloudflare, claimed its network capacity was 15 times greater than the biggest DDoS attack ever recorded.
Locking down internet-connected devices is important, but network security is just as important—even more so when it comes to DDoS protection. Network security should be part of a broader security focus, and here a layered security approach is the best defense to help not only keep the bad guys out, but keep them from doing harm within your specific systems and sites.
Layered security works on the basis that there are multiple ways attackers can get into a business, so you need multiple forms of defense to help protect your data. In your layers, you'll want to include controls like email protection, web protection, firewalls, and endpoint protection to prevent widespread attacks.
Should you fall victim to a DDoS attack, one of the biggest mistakes organizations can make is to create panic, both among themselves and their customers (or constituents). Remember that this attack may be annoying or even debilitating when it comes to service denial, but it is not the same as a breach against privacy or data. Remaining calm and using the appropriate descriptive language is important, and it is what will ultimately win the day. Otherwise you’ve given the criminals exactly what they want and crave: chaos.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim’s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.