January 14, 2013, 2:02 PM — Cyber attacks of all kinds are on the rise. It is a trend you ignore at your own peril. National Security Agency and U.S. cyber-command chief Keith Alexander said in July that Internet attacks of all sorts surged 44% in 2011 and are responsible for what he terms the " greatest transfer of wealth in history."
In a world where you can rent an already-hacked botnet for about $20 to start your attack, and in a world where a criminal enterprise industry has developed to support amplifying attacks in progress, it is important to understand that these types of attacks are simply not going away. Are you ready for them? Are you considering the right points? Here are four strategies to help your organization prepare for and defend against Distributed Denial of Service (DDoS) events in the future.
1. Consider Over-Provisioning a Service in Advance
Most of us develop systems on strict budgets. There is a general resistance among financial types as well as information executives to not pay for unused capacity. This makes good sense in and of itself-why waste your dollars on capacity, either bandwidth or compute, that you are not using? Many companies scale their systems to match a predictable but legitimate peak, such as Black Friday, Cyber Monday or another annual peak load.
In a DDoS attack, however, your site or resource can experience loads many times greater than even your highest peak activity-on the order of 10 or 20 times, if not more. Mind you, I'm not suggesting you budget capacity to pay hackers to blast your network with packets. While you are specing bandwidth and compute resources, though, it makes sense to give yourself a healthy margin of error, even on top of your peak.
With the advent of cloud computing, this has become easier. In most cases, it's simple to spin up additional resources to either meet legitimate demand or ensure access to your services in the event your primary hosting site is under attack. Internet service providers and other providers are also usually quick to offer burst capabilities with their contracts. This way, you can access an assured, ready additional amount of capacity in the event you need it while not necessarily paying full price for it during those times when your load doesn't demand it.
2. Don't Be Bashful About Asking for Help