Why DDoS mitigation should be seen as non-negotiable

This article is part of our Opinions section.

Very few people working in the digital space will be new to the phrase “DDoS attack”, but the likelihood of experiencing one is skyrocketing for companies of all sizes. According to Comparitech, there has been a 67% rise in the number of ransom distributed denial-of-service (DDoS) attacks since last year, meaning organisations must be on high alert or risk potentially immeasurable harm to their customers and their reputation.

For example, last year Google, Amazon and Cloudflare reportedly successfully mitigated a vulnerability that led to the largest DDoS attack on record. Although the attack was thwarted on this occasion, the sheer number of customers that could have been affected means it would have caused massive disruption had it been successful.

What’s more, Google claims similar attacks continue to this day, which illustrates how businesses in all industries need to prioritise shoring up their defences against this urgent and apparent risk.

The evolution of DDoS protection

Thankfully, we now have many more ways to combat and mitigate such threats. With a growing number of solutions on the market that providers can use to protect themselves, the industry has seen an evolution in the perception of DDoS mitigation, in which it has gone from an optional extra to a critical cornerstone of enterprise cybersecurity.

It is much the same as buying a car: certain features that were once optional should now be considered non-negotiable. Twenty-five years ago, ABS or airbags were seen as an optional extra, whereas now they are everyday features that have a primary role of keeping people safe. Mitigation strategies like traffic filtering or scrubbing centres should be viewed the same way: as non-optional features that businesses should benefit from now to protect their data.

Why now is the time to act

DDoS attacks involve a threat actor using resources from multiple, remote locations to attack an organisation’s online operations, preventing legitimate users from accessing them. Volumetric DDoS attacks, which aim to flood network servers with excessive internet traffic, have gained particular popularity.

In this case, much like on the doors of a nightclub, DDoS mitigation works as a watchful bouncer guarding a network’s entrance, filtering incoming traffic, and allowing only legitimate requests to pass through. It identifies and neutralises potential threats as and when they come, only admitting traffic that aligns with an organisation’s needs, safeguarding the network’s integrity.

But as the digital landscape advances, the tactics deployed by perpetrators grow in sophistication at the same time. No longer satisfied with brute-force assaults, attackers have honed their strategies, including the practice of “profiling” businesses and their defensive infrastructure.

Attackers will gather information to better understand the network architecture, potential entry points and weak spots. Monitoring and surveillance help attackers detect any patterns and anomalies in network traffic, enabling them to identify and exploit vulnerabilities with alarming precision. By infiltrating organisations through orchestrated attacks, perpetrators become a formidable threat to all businesses, great and small.

The power of peace of mind

Regardless of size and industry, no business should have to choose what should and shouldn’t be protected. The notion that organisations must choose which assets to protect is outdated and risky. But particularly for large internet service providers (ISPs), investing in mitigation offers peace of mind and a sense of security for both customers and stakeholders, providing assurance that their data and services are secure from malicious actors.

Advanced security features and around-the-clock security operations centre (SOC) availability are crucial components for several reasons. Firstly, DDoS attacks are becoming increasingly sophisticated; secondly, they can occur at any time, often without warning. Having a 24/7 SOC ensures continuous monitoring, rapid threat detection and immediate response to mitigate attacks as soon as they occur, minimising downtime and service disruption.

Moreover, businesses grow over time, expanding their digital footprint, customer base and online services. A scalable DDoS mitigation solution can adapt to the changing needs and demands of the business, accommodating increasing traffic volumes and thwarting more sophisticated attacks as the organisation expands.

Previously mentioned solutions such as traffic filtering and scrubbing centres should be regarded as compulsory rather than optional features. Traffic filtering, which involves the identification and removal of malicious traffic before it reaches the target network, and scrubbing centres, which analyse and cleanse incoming traffic, are key players in supporting organisations in building a resilient digital ecosystem.

Taking a “network-level” approach

Unlike traditional cybersecurity threats that may focus on exploiting vulnerabilities in specific applications or systems, DDoS attacks aim to overwhelm the entire network. Just as you wouldn’t secure only one room in your home from burglary, organisations must view their network as a cohesive entity when assessing vulnerabilities and enhancing defences to safeguard both their infrastructure and their reputation.

And since we know every business will naturally evolve, flexibility and scalability are paramount considerations when devising protection strategies. Flexibility allows for the seamless integration of modern technologies, and scalability ensures defences can expand alongside the organisation’s growth. Attacks vary in scale and evolve too, which is another reason for adopting mitigation measures that can easily adapt to changing threats.

A matter of when, not if

Right now, the threat organisations face is unprecedented. Many are rightly starting to ask not “if” but “when”. Therefore, success in this space will be characterised by smart, flexible and resilient defence mechanisms.

Sooner rather than later, I hope organisations will have implemented protection strategies that include network-level defences, advanced threat intelligence and real-time monitoring capabilities, leveraging machine learning algorithms and AI to analyse and respond to emerging threats.

Success will also be measured by how smoothly protection solutions blend into broader cybersecurity best practices, making it straightforward to manage threats and respond to incidents across the organisation’s entire ecosystem.

So, how can business leaders achieve this? Prioritise understanding the tactics and risks of DDoS attacks, advocate for flexible and tailored protection strategies and adopt a “network-level” attitude to safeguard your organisation. Safeguarding isn’t just about protecting data; it’s about reputation, customer trust, and the future of your business.

Tony O’Sullivan

Tony O’Sullivan, CEO of international network services provider RETN, also happens to be a qualified F.C.C.A accountant. He has contributed to TechFinitive under the Opinions section.