The first six months of 2020 saw a 151% increase in DDoS attacks – distributed denial of service cyber attacks that cripple an organisation’s IT systems. The reason for this startling rise is quite simple: COVID-19. As organisations and their staff adapted to working from home, internet traffic soared by more than 50%. And where internet traffic grows, cybercrime grows too.
DDoS attacks involve huge volumes of traffic being directed to the victim’s website, bringing it down and causing costly business interruption. The perpetrators then demand a ransom to stop the attack. Hackers generate these massive volumes of traffic by networking servers that they have infiltrated; for example, through spam emails. The growth of the Internet of Things (IoT) has also given hackers a broad new choice of entry points, often poorly secured.
The question businesses are asking is this: with internet traffic and the IoT set to continue growing for the foreseeable future, and hackers becoming increasingly sophisticated and determined, what can they do to protect themselves against this burgeoning threat?
DDoS attacks range from small attacks of 5 gigabytes per second (that’s 5Gbps of data flooding the victim’s systems) up to massive attacks in the terabyte scale. Earlier this year, an Amazon Web Service client sustained an attack of 2.3Tbps. Compare this to the first headline DDoS attack which brought six US banks to a halt in 2012. The scale of that attack was 60Gbps – the threat has escalated.
But it’s at both ends of the scale that the rise in DDoS has been most pronounced. In other words, it’s not just big businesses that are at risk. In fact, more attacks are initiated at the 5Gbps level than anywhere else.
The impact is fourfold. First you have to find the resources to recover and secure compromised data. Then you have to communicate with regulators and customers to inform them that you have been breached. You may have to pay regulatory penalties. And you will want to invest in more robust security around your newly restored systems. The cost for some organisations can run to millions. The reputational damage can be even more severe.
When your business is targeted by a DDoS attack, it is hit by a tidal wave of data. In order to protect your website from becoming swamped, you need to break up that wave and deflect it away.
The solution is, in effect, a reversal of the tactic the hackers use to build up the wave in the first place: the creation of a network through which all traffic to your website is routed. When an abnormal build-up of data comes your way, the network dissipates and absorbs the impact.
The leading specialist in counteracting DDoS attacks is Cloudflare, a San Francisco based company with a 42Tb network of over 13 million internet properties in 150 countries. Every website under Cloudflare’s protection is routed through this global network, giving optimal page load times and robust resilience against DDoS attacks. To give an idea of the scale of that protection, Cloudflare’s global network is 15 times bigger than the largest DDoS attack recorded to date.
This year Origo and Cloudflare became partners, enabling us to increase the level of protection we can offer to Origo customers. For most businesses, the cost of building an infrastructure that can handle a large-scale DDoS attack is prohibitive, but with the Cloudflare model, businesses of any size can enjoy the best protection there is, by being part of the global network. Should your business come under attack, you can block it without any discernible impact on your ability to trade and serve your customers. That’s particularly important, given the increase in attacks at the smaller end of the scale.
As well as mitigating DDoS and other attacks, Cloudflare provides protection against spam, saving medium-sized businesses thousands of hours a year in time taken up by employees having to sift through unwanted emails. With this saving of ongoing costs coupled with the protection against the potential cost of a ransomware attack, businesses of all sizes can afford to operate with the confidence that they are protected from the biggest cyber threat of all.