The best business advice, opinion, news and expertise in Greater Manchester and further afield.

Monday, 1 February 2016

Member Blog: Are Distributed Denial of Service attacks here to stay?

By Craig Robinson - Director, Cloud53 Ltd

Recently it seems that every week we hear of a major website being unavailable due to a Distributed Denial of Service (DDoS) attack, but what is it and why is it becoming so common?

A DDoS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic.

It seems that along with these attacks becoming more common that they are also becoming more serious in the sheer bandwidth that is being used. Speaking to a recent victim they saw over 80Gbps being used against their IPs, very few providers could sustain that. To put this into perspective in Q4 of 2013 the average DDoS attack was using an average of 2.14 Gbps.

In recent months major names have been attacked such as the BBC (reportedly over 600Gbps), Sony PlayStation network, TalkTalk, Carphone warehouse and many more but why?

It would seem that essentially the groups doing this wish to extort money from their victims, blackmailing them with the threat that if they do not pay the attacks will continue. However could you trust a blackmailer not to do it again after payment? This is why it is generally reported that companies do not pay, however it seems reasonable to assume that some companies do pay as these sort of attacks cost money to implement and so they must be worthwhile to the criminals?

The type of payment is the issue in these ransom situations as payment is always instructed to be made in bitcoins and so is totally untraceable (if you have many accounts). It is also thought that money gained in this way often finds its way to support illegal activity.

You don’t have to be a large company to suffer a DDoS attack but the attackers do go to where they believe ransom money is available however if you do become a victim of a DDoS attack and subsequent blackmail it is best to treat it as an exercise to bolster your security and potentially test your DR strategy, it is not advised to meet the demands of the cyber criminals.

If you become a victim of this or any other suspected cyber-crime and need advice please get in touch with Cloud53:

Visit Cloud53:
Call Cloud53: 0845 557 8687
Follow Cloud53:  @cloud53ltd

10% discount for all Chamber members on Cloud53 services.

No comments:

Post a Comment