When running a DDoS risk assessment, the first step is setting the likelihood of an attack somewhere around 100%.
DDoS attacks — targeted floods of traffic attempting to overwhelm servers — are an inevitable part of being connected to the internet. The tools adversaries use to carry out attacks have gotten more sophisticated, ushering in an era of unprecedented digital threats.
Sometimes, the attacks are adversary-led, with a ransom attached. In these cases, you either pay the bad actors whatever they ask, or weather the attack. Other times, the adversaries are hired guns, sent by competitors or anyone else hoping to access your data or take down your systems. Either way, your business suffers while you work to get your systems back online.
So, a DDoS risk assessment covers two things:
- How often will adversaries attack your network or website — because it will happen at some point.
- How much would the resulting downtime cost?
Projecting loss numbers for these kinds of outages can make it clear to everyone, especially those outside of IT, how important DDoS risk assessments are.
Consider whether your business is more susceptible to a DDoS attack
Not all targets for DDoS attacks are created equal. Some industries get disproportionately more attacks than others. Usually, the frequency of DDoS attacks lines up with the stakes of an outage. If an attack can hold an energy grid in a major metropolitan area hostage, for example, it can create mass disruption. For some adversaries, big targets are an opportunity to demand big ransoms, turning the chaos into a financial windfall.
You can see this play out in the aviation and aerospace industries, where attacks were up 493% QoQ according to Cloudflare. When these systems are attacked, it can put actual lives at stake. In some cases, the attack is an act of war, whether official or unofficial. The greater the opportunity for destruction, the more risk there is to mitigate.
Chances are you know whether your business is at greater risk because you’ve seen the attacks come in. Still, when running a DDoS risk assessment, a few industries stand out for repeated, coordinated attacks: fintech, gaming, ecommerce, government, politicians, universities, and healthcare.
Factoring in the cost of downtime
For some businesses, however, it’s not about how frequently they might get attacked. It’s about the consequences if they do.
When a successful DDoS attack hits, servers and networks become overwhelmed, making your services inaccessible. For every second every server is down, business is not operating as usual, money is being lost and customers are feeling frustrated.
For some businesses, this cost is too high to risk happening even once — especially if word might get out and affect the organization’s reputation for security and stability. For others, the costs of proactive DDoS protection are greater than the costs of downtime. In those cases, a “rainy day fund” for dealing with the consequences of a DDoS attack may make more sense.
DDoS protection vs. DDoS recovery
If you know how likely you are to get attacked, and you know how much each attack is likely to cost, you’ll quickly start to see the best way to work DDoS into your budget.
At Deft, every client who connects to our network experiences the same basic DDoS protections. In the event of an overwhelming DDoS attack, we disable traffic to the server. Simple. The same step is taken by all of our competitors — you stop sending traffic to the server to help mitigate the attack and not affect other systems.
This is the nuclear option, so to speak. It protects you from the bad traffic, but also prevents customers from accessing the server. This may not matter if you have enough redundancy in your system, but as DDoS attacks become sophisticated enough to target multiple servers at the same time, redundancy and capacity alone isn’t a solution.
Our job at Deft is dead simple: Keep our clients doing business in the way that works best for them. Just as a one-size-fits-all infrastructure wouldn’t meet any company’s real-life needs, a one-size-fits-all DDoS mitigation solution doesn’t make sense. So, we offer everyone exclusively using Deft network connectivity two options:
- Prepare to be protected. For high-risk industries and/or high-cost downtimes, our partners can plan on keeping a digital bouncer at the door, so to speak. As soon as an unusual amount of traffic hits the customers network, the bouncer steps in, separating the good from the bad and stopping the attack in its tracks.
- Respond with force. Even if you don’t feel the need for proactive protection, we have you covered. In the event of an attack, we can bring in DDoS mitigation tools on an emergency basis for the people on our network, activating a quick and thorough response to stop the traffic and get your systems back to functional.
In short, if you’re on Deft’s network, you have DDoS attack protection. It’s just a matter of when and how you choose to access it. Just like anything else we offer our partners, the Deft DDoS mitigation service responds to the risks, needs, and operational practices of each individual business. In the end we’re facilitating the same outcome: continuous, efficient business operations.
Planning your DDoS risk assessment
If you haven’t already considered your DDoS mitigation strategy, it’s past time to start. DDoS attack trends are all over the map, influenced by world events, economic trends, business activity, and all sorts of other factors. What you can see, however, in report after report, is that DDoS attacks are everywhere, and at some point, they’re going to be where you are.
Start the internal conversations now, so when a DDoS attack does happen, you’re putting a plan into place instead of building the plane midair. And whether you decide to proactively protect against DDoS attacks or establish an emergency mitigation plan, make sure you have a partner that’s equipped with the tools, the technology and the boots-on-the-ground support to catch and respond to anything that comes your way.