In a previous article, we discussed building a deeper understanding of distributed denial-of-service (DDoS) attacks, what they do, who’s behind them, and what they all come down to. To follow, here’s how to prepare your website for DDoS attack.
According to the results of a study conducted by Kaspersky Lab and B2B International, a DDoS attack can cause considerable losses, with average figures ranging from $52,000 to $444,000. But in addition to the financial implications, a DDoS attack can also damage a victim’s online reputation, an adverse impact which is arguably hardly impossible to recover from.
For this reason, more and more businesses are increasing their IT budgets in order to bolster their online security. Although certain web hosting services feature out-of-the-box security solutions that mitigate the threat of DDoS attacks from the get-go, there are a number of other ways you can prepare your website to stand strong against this risk.
Over-Provision in Advance
Seeing as how your website can experience significantly high web traffic during a DDoS attack, it makes sense to over-provision for activity in advance. When determining bandwidth requirements and computing resources, give yourself a healthy margin of error.
Fortunately, this step is especially straightforward when it comes to cloud computing.
“In most cases, it’s simple to spin up additional resources to either meet legitimate demand or ensure access to your services in the event your primary hosting site is under attack,” says Jonathan Hassell from CIO.com.
Ask for Assistance
On account of the fact that DDoS attacks are becoming more prevalent and perplexing, you might want to ask for assistance from a security firm that specializes in cybercrime. After all, the price of seeking help will pale in comparison to the cost of recovering lost data, improving a damaged reputation, and making up for lost sales.
This is something that one of the web’s heavyweights found out the hard way. Although it wasn’t because of a DDoS attack, a 30-minute outage on Amazon.com back in 2013 is estimated to have cost the retail giant a whopping $2 million based on the previous year’s net sales.
Dump Your Logs Quickly
When a DDoS attack is in progress, your firewalls, unified threat monitoring devices, servers, and other systems will struggle to log each and every individual request. Before long, these devices will start falling over, and their failures could quite easily cause a chain reaction with linked systems, too.
This is one of the reasons why a DDoS attack is one of the most malicious weapons in a hacker’s toolbox, as it can affect systems peripheral to the one being targeted. Therefore, it makes sense to dump your logs quickly once you know you are under attack.
Come Up with a Response Plan
Most importantly, Hassell adds that if you experience a DDoS attack, you likely won’t have a chance to develop a response plan at the time of impact.
“Your services will be degraded, if not disabled completely, and your highest priority will be restoring service and stopping the attack.”
With that in mind, you should have a detailed plan of action ready ahead of time.
Check out Lenny Zelster’s DDoS Cheat Sheet featuring every step you need to take, which includes preparing contact lists and performing a thorough postmortem to document lessons learned.
About the Author: Ben Campbell is an accomplished, experienced freelance writer and web security expert who has featured in a number of high profile publications and websites. If he’s not writing about protecting your website you’ll find him listening to live music or at the coast surfing.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.