David Brace, Senior Solutions Architect at Continent 8 Technologies explains that there has been a significant rise in DDoS events in the last year, and highlights the steps businesses can take to successfully fight them off.
The so-called ‘new normal’ of remote interactions has resulted in an estimated 30% increase in global internet traffic and a corresponding rise in cyber security incidents.
Throughout 2020 the number of Distributed Denial of Service (DDoS) attacks detected globally was doubling quarter on quarter, peaking in September before levelling off in Q4.
This trend looks set to continue in 2021 with attacks of varying size and sophistication targeting organisations of all types, from global internet giants to local governmental departments.
Worryingly, a second wave of ransom DDoS attacks retargeting companies previously hit in the summer of 2020 was recorded, with analysis of the ransom notes suggesting the same threat actors are behind this latest wave of attacks.
With the number of attacks being launched set to increase in volume and complexity, businesses on the Island must ensure they take the necessary steps to ensure they are as protected as can be.
Before looking at the products, systems and protocols businesses must have in place to fight off DDoS attacks, first we will look at what these attacks are, how they work and who is behind them.
What is a DDoS attack?
A Distributed Denial of Service attack is when a website or application is inundated with so many requests – this can be thousands per second – that ultimately the service is rendered unusable.
DDoS attacks have the potential to take a business entirely offline, causing disruptions to products, services, revenues and reputations.
It is not uncommon for attackers to issue ransom notices to organisations prior to an attack, and if they don’t receive payment, they unleash the bots used to inundate the website with requests and take it offline.
It is a simple, effective way of doing incredible damage to a business.
The bad actors behind DDoS attacks
One of the most difficult things about falling victim to a successful DDoS attack is that you are unlikely to ever know who is behind it. But in our experience, they tend to fall into the below groups:
- Organised crime groups
- Angry people
- Script kiddies
- Nation states
Motivations for launching attacks can and do differ, but the most common are for financial gain, to take down a competitor or to cause reputational damage or embarrassment to an organisation.
The impact of a successful attack
A successful DDoS attack can be absolutely devastating for a business. It can take a service such as an online casino or ecommerce site entirely offline.
For other businesses, it can see their customer databases raided and stolen, or sensitive data breached and published online for the world to see.
This has many bad side effects for governments and businesses, from a bad customer experience to major damage to your reputation and a loss of revenue.
They can also hit internal processes hard and lead to a significant reduction in productivity and, most concerningly, risk incurring potential compliance breaches.
Why Malta based organisations may be more vulnerable
While any organisation can fall victim to a DDoS attack, Malta’s reliance on subsea infrastructure to deliver internet services, coupled with requirements around data sovereignty and residency, mean organisations on the Island can be more vulnerable to DDoS attacks.
Moving to a cloud-based solution undoubtedly helps limit the risks related to an attack, but it doesn’t remove the threat entirely, as any device, service or application that is connected to the internet can be the target of an attack.
With 96% of all IT functions operating outside of the cloud and a finite amount of bandwidth available between Malta and the rest of the internet, it could only take one well targeted attack to cause severe impact to your organisation.
How Continent 8 can help protect your business from a DDoS attack
During a recent webinar organised by Continent 8, John Coleman, CEO of Microgaming, used the analogy which is helpful to anyone who is not an IT specialist: “You can no longer rely on high walls to protect your house. It’s now essential to have bright lights, security patrols, bars on the windows, motion sensors, security patrols, alarms, and guard dogs.”
Whilst that may sound extreme, it is a good way to illustrate the heightened level of cybersecurity solutions required to protect your critical data and systems.
Businesses need a layered approach for protection, covering cloud-based services and those running on physical infrastructure: Web Application Firewall (WAF) services, Network level DDoS detection, and Network level DDoS protection all play a part in protecting your organisation and its services.
Continent 8s DDoS defence service is a mature, proven platform, built and developed over 16 years, using an optimised combination of technologies and our customised development layer.
This experience enables our team to design bespoke protection services tailored to fit any organisation’s needs. Local engineers, backed by a global team, work in partnership with our customers to evolve these services to meet the everchanging threat landscape.
With a resilient global network spanning 4 continents and over 60 connected locations, Continent 8 connects Malta to the global internet via 3 separate subsea cable systems using a blended approach to ensure our service is not reliant on any one provider.
All traffic entering the network is inspected and profiled at the point of ingress, this ensures any malicious traffic is stopped at the network edge and legitimate traffic can be delivered to the end destination with minimal disruption.
Continent 8 has a long-standing presence in Malta providing technical services to local and global organisations. The team has recently expanded with the addition of Melissa Lamb as Sales Account Director. Working from Continent 8’s offices in Ta’ Xbiex as part of the worldwide sales team, Melissa is tasked with expanding our customer base in Malta and beyond, providing a personalised, bespoke offering to current and prospective clients.
This article featured in the Sunday Times of Malta on 28 March 2021.