It’s important to realize that anyone with an online presence is a potential target for a DDoS attack. It’s relatively easy for a determined individual to build their own botnet to carry out large-scale DDoS attacks, and it is even easier with the numerous DDoS-for-hire services currently available on the black market. With that being said, as a risk manager it’s important to be aware of the threat and know how your organization is going to react when you’re hit.
Know the Risks Involved
Before you develop your defensive strategy you first need to ask yourself: what’s at stake here?
What would happen if your web site was down for an hour? Two hours? 12 hours? A day or more? How would that affect your organization? When your web site is offline, revenue stops. This could cause hundreds if not thousands of dollars in lost revenue, not to mention lost users and a negative SERP impact. When dealing with a long-term DDoS attack, losses can increase exponentially.
Will a successful attack cripple your business?
Proactive Strategy Is the Best Strategy
Waiting for an attack to occur and then dealing with it is a mistake that many organizations make, and it almost always ends up costing them significantly. The fact is that DDoS protection is usually more affordable than having your online business go down from an attack. It’s better to invest in protection now, rather than putting it off until it is too late.
Mitigation Services vs. In-house Development
DDoS attacks come in all different shapes and forms. Unless you have experience dealing with attacks, building your own mitigation system using your own or pre-existing hardware could be costly and time-consuming. Keep in mind that such mitigation systems always need to be updated and tweaked to account for new attack types and to minimize false positives.
Instead, it may be more beneficial to hire a third-party company such as DDHS to handle your DDoS defenses for you. Many protection services utilize cost pooling, which makes them affordable and effective, even for the smallest of organizations. Additionally, protection can usually be deployed via reverse proxy or GRE tunnel within minutes to protect a single server located anywhere in the world. There are also other solutions available to protect your whole network if your organization has such a requirement.