Hardly a week passes without another major online brand suffering from cyber-attacks of one form or another, with distributed denial of service (DDoS) attacks becoming more and more common. These attacks involve flooding servers with requests, until they are unable to handle the demand and become unavailable.
And the attacks are getting more powerful. More and more devices are connected to the internet, (The Internet of Things), from lightbulbs to thermostats, and for many of them security is an afterthought, making them an easy target for hackers. These devices can be taken over to form a vast 'botnet', which can then be used to flood a target system with requests.
In October 2016 Dyn’s servers were targeted – while you may well never have heard of this company, they are providers of key elements of internet connectivity.
You can read their statement on what happened here:
http://dyn.com/blog/dyn-statement-on-10212016-ddos-attack/
However, it’s not just internet connectivity businesses who are at risk from DDoS attacks. These attacks are a particular risk for e-commerce businesses, which depend on the internet for a large part of their revenue. It can also have a huge reputational impact, for financial institutions, or any organisation that stores personal data.
Avoiding DDoS attacks altogether is not an easy task for any business.
So, what can you do to minimise the impact of such an attack and ensure that you are ready to respond to them?
1 - Don’t try to just scale your platform to cope
The first point is how not to respond – simply scaling up the hardware involved is neither cheap nor effective. And most bottlenecks have nothing to do with hardware, so however far you scale the hardware, you will still hit an application limit.
2 - Have a plan!
Being prepared is the most important element. Here are some key questions to ask yourself before you begin to work on a plan to prevent a DDoS attack.
- How will you identify which elements of infrastructure are under attack?
- Do you have a good service based view of which elements of your service are under stress?
- Do you have good measures of your customer experience? Is this broken down into elements, so you can see where it is slow?
- Are you ready to work with your ISP, and do you have their support numbers ready? Check beforehand what they can do to help if such a situation arises.
- Your ISP should also be able to help you reduce your exposure to threats - for example, by blocking protocols that you don't need. Check with them to see where they stand on this.
- Have you considered using a service such as Cloudflare to help in defending your service?
You can read a good article on the technical aspects of this at Tech Republic:
3 - Understand the limits of your service, and how near it is to those limits.
Effective monitoring of the system components is good practice even without DDoS attacks. And a good understanding of service behaviour under high load is required for delivering good customer service on peak days.
Capacitas offer Service Assurance, which will let you safely test your systems at high load. We have delivered Service Assurance to protect over £100 million of peak online sales for one client. We also helped the same client to make its website 54% faster than its closest competitor. The benefits of this service are not just defensive. It identifies areas for improvement, such as bottlenecks, and will deliver a more efficient, effective service for you all the time.
4 - Don't neglect 3rd parties from your planning
Third parties, such as payment processors, are key to your service availability. Be sure to include them in your planning, and to monitor the service level you are getting from them.
5 - An efficient, performant, environment is a resilient environment.
The Capacitas Performance Engineering Service will ensure that your software is efficient, and performs well under high demand.
Again, the benefits of this apply all the time, not just when you are under attack.
6 - Remove risk from your services.
Capacitas offer two services that can help you remove risk from your services.
Risk Modelling. Here at Capacitas, we have seen our Risk Modelling Service deliver vast benefits to new and upgraded systems, preventing project times from slipping. Typically, risk modelling will save up to six weeks on a six-month project by identifying and removing problems early in the project. This prevents them becoming major issues later as a project progresses.
Operational Analytics. The Capacitas Operational Analytics approach is a powerful and effective way of analysing a service for the early warning signs of problems. This works before issues start impacting your users, and before utilisation thresholds are breached. See also our series of posts, Top 5 Operational Pathologies.
Conclusion:
DDoS attacks have become a common occurrence when doing business online.
However, with good preparation, and a well managed, performant service, with risks understood and minimised, the impact can also be minimised.