DDoS Response Plan : Why Business Needs it and Setting Up
People always have the best of intentions when it comes to being prepared. And yet, those intentions somehow aren’t always in line with preparedness. In fact, they often backfire and leave us in desperate circumstances: standing in four inches of water in the basement because those sandbags never quite got stacked right, spending a camping trip sleeping in a van with the heat cranked up instead of a tent because nobody brought enough warm clothes, and paying a 400% mark-up on first-aid items at the corner store at two in the morning.
We all need to leave the intentions behind and remember to always prepare for the worst.
The rise of DDoS attacks
Over the last two years, not only have DDoS attacks become bigger, faster, stronger, and all the more devastating, but we’ve seen a major increase in how widespread these attacks are.Internet security firm Incapsula recently undertook a survey of North American organizations in order to get a clear picture on the damage being done by DDoS attacks. They surveyed over 250 organizations, each of which had at least 250 employees, ranging all the way up to 10,000 employees.
This research showed that a whopping 45% of the organizations had been hit with a DDoS attack, with 91% of those organizations reporting having been hit in the last 12 months. Of the organizations that had been targeted, a full 70% were targeted two or more times.
The rising costs of DDoS attacks
Those weren’t the only staggering numbers turned up by the Incapsula survey. The average cost of dealing with a DDoS attack came out to be $40,000 per hour.$40,000. Per hour.
The survey also found that two-thirds of these DDoS attacks lasted at least six hours, which translates to at least $240,000. And that’s not even taking into consideration the repercussive costs associated with DDoS attacks, such as software or hardware replacement, loss of revenue, diminished customer trust, financial information theft, customer data theft, and theft or loss of intellectual property.
Getting your DDoS response plan in order
We assume by this point that you're sufficiently terrified of the prospect of a DDoS attack, but try to take a deep breath and take a look at Incapsula's DDoS response plan guide. We encourage you to follow that link because at the bottom of the post you'll find a link to a full (and free) downloadable DDoS attack playbook from Incapsula.Preparation
Your response plan begins with preparation – beginning to assemble the necessary pieces and put them into place. Among the steps Incapsula recommends you take for this stage are:
- Building your DDoS response team. This means identifying the people and departments within your organization that will be tasked with responding to a DDoS attack.
- Risk assessment. What are the potential DDoS targets in your organization? In the event of an attack, what infrastructure assets most need protection?
Having the Right Tools
In this stage of your response plan, you review your tools and see how they relate to your DDoS protection strategy. Some of the recommendations for this stage include:
- Ensuring you have the right form of detection in place. Will manual detection cut it for your organization? Or should you be looking into automatic detection?
- Selecting a deployment mode. What does your organization require? Always-on? On-demand? DNS redirection?
Responding
This is what it all comes down to. Your plan has to clearly outline exactly what will take place when a DDoS attack is detected. Some of the suggestions are:
- Establishing a communication center to server you during the attack, while taking in account scenarios in which won’t be able to rely on emails or other online forms of communication.
- Maintaining communication with partners, customers and employees. Whatever the situation is, they all need to be telling the same story.
With every day that passes it becomes increasingly imperative that businesses be prepared for a DDoS attack, as they are becoming more of an inevitability than a possibility.
Being caught unprepared and trying to fly by the seat of your pants to deal with a DDoS attack will most certainly result in more damage being done and more money being spent than if you’d had a response plan in place. Be prepared, and use your foresight as a weapon against would-be attackers.