Is your business prepared to recover from a distributed denial of service (DDoS) attack? Most aren’t, but it doesn’t take much time or effort to get a recovery plan in place. Most of the time, businesses/website owners lack the technical know-how to prepare, and business leaders don’t communicate well during an attack. Every business should have a standard operating procedure (SOP) in case of an attack, and those mitigation capabilities should be tested at least once per quarter. Finally, make sure everyone in the company knows the rules and who’s making decisions should an attack occur.
Today, there are DDoS “toolkits” that make it easier than ever for hackers to launch an attack. However, lack of sophistication doesn’t mean the attack is any less troublesome for a company. There are three major defenses for these attacks, with scrubbing centers being one of the most popular. With this approach, all incoming traffic is redirected through the scrubbing center first, where it is “scrubbed” in order to ward off “bad traffic.” Another option is a Content Delivery Network (CDN), which hosts your content on many servers so that DDoS mitigation is “on” 24/7. Finally, consider in-house equipment (the other two options are in the cloud). There is DDoS mitigation equipment you can get on-site for easy, fast usage.
Appoint a Committee
To prepare for attacks, create an ad hoc committee that’s small, informed and charged with action and decision-making power during attacks. You only need two or three IT leaders, including one with “button pushing power” who makes the final call during attacks. Also rally your Internet Service Provider (ISP) into your corner so you can quickly mitigate traffic if necessary. Ideally, you need to be able to make blocking requests around the clock, but check with your ISP to ensure that’s part of what they offer.
Keep things clean by regularly auditing all content on your website. Large files are particularly vulnerable to DDoS attacks, so make sure any on your site are absolutely necessary; otherwise, hackers can send multiple requests to these big files. In the SOP, write down any business services that might be shut down during an attack and what the consequences may be. Finally, make sure the committee has a checklist of what to take care of in case of an attack, including who to inform and how, who’s in charge of internal communication and the means of reaching specific executives.
Spreading the Word
There should also be an external communication tactic, which may include informing your customers on social media or via email. A spokesperson should be selected to take care of things during panic mode. Your plan should encompass every possible scenario, such as how many IT members will be “lost” while attending to an attack, what the help desk will do to keep serving customers if systems are shut down and just how much manual work will be required.
You may lose worker output, business and customers, incur penalties, lose future business and harm your brand/reputation. That can’t be helped, but what can be helped is the severity of the impact. With a plan and clear communication, DDoS attacks don’t need to be as harmful as they often are.