Cyber attacks are a recurring theme on F5’s blog pages. That’s hardly surprising given our field of expertise but it’s also a reflection of how much the threat from these attacks is growing, and the impact they are having on our customers.
It’s been mentioned on these pages before how hacking and other cyber attacks have gone from being something carried out by kids simply because they can, to highly organised and very well funded endeavours that target some of the biggest companies in the world.
One potential reason behind this increase is how easy it is to launch cyber attacks. This article on the FT explains how DDoS, for example, has become a service. With a little bit of searching online anyone can find the tools needed to launch a DDoS attack, and, unlike just 18 or so months ago, people now need no special skills.
There are also cybercriminals who hire themselves out and for just a few dollars will launch a DDoS attack on whoever their client likes. Maybe the time has come to talk about DDoS-as-a-Service - although DDoSaaS is a bit of a mouthful!
The point I’m making is that it is easier than ever for someone to launch a cyber attack against your business, whether it’s a foreign government, a competitor, a disgruntled employee (or ex-employee) or just someone who disagrees with what your business does.
That was certainly reason enough for the likes of Anonymous and LulzSec to launch their cyber attacks on a wide variety of businesses. In fact, Anonymous is a good example of the changing face of web attacks; the group relied heavily on DDoS attacks because they were easy to perpetrate, just how easy? Well XerXes is an application layer DOS tool and YouTube is littered with Videos on how to use it to take down a website, Video Here.
So it is true that the ease with which people can launch cyber attacks against any target they choose means threats are heightened. But that doesn’t affect the basic - businesses still have to protect their infrastructure from these attacks.
Cyber attacks can cause damage running into millions of pounds; the FT article says Forrester Research claims losses can be as much as $27 million for a 24-hour period of downtime. They can also permanently ruin a company’s reputation... who’d want to do business with a company that can’t keep your personal information safe?
Cyber attacks can come in many different forms, so it’s important to first establish whether your business is in fact under attack and, if so, to determine what sort of attack you are facing. It could be DDoS (which could be attacking the network, or the application layer), it could be someone trying to access certain parts of your network or it could be malware that has been planted and is scouring the network for sensitive information.
Whatever the attack, and whatever the attack vector, it is vital to keep your workers working. This means, for example, keeping key applications running and add workers, both remote and those in the office, to a “safe list” so they can continue to access the applications and data they need.
It’s important to have a security platform in place that has the intelligence to determine whether an attack is underway and then to take steps to block the offending traffic, while keeping the good traffic flowing.
That’s what will give a business peace of mind despite the heightened risk of cyber attacks because of how readily available attack kits are.