DDoS: Understand the Risks and Your Options for Protection

Have you ever tried to visit a site or use an application, only to discover it wouldn't load at all? There are many possible causes for such outages, with distributed denial-of-service (DDoS) attacks an increasingly common culprit. DDoS is a growing concern for both enterprises and service providers. Corero found 56 percent of the security experts it polled at the 2017 RSA Conference thought DDoS was a greater problem in 2017 than in 2016. Forty percent reported experiencing such attacks monthly, while 45 percent cited loss of customer trust and confidence as the worst effects of DDoS on their operations.

Why you have to think about DDoS protection today

In a successful DDoS campaign, the target's servers are overwhelmed with traffic such as attempted connections from rogue sources. As a result, it becomes unavailable to legitimate requests.  DDoS has long been a noteworthy risk for the operators and users of any connected service – from a simple website to a hosted VoIP platform – but its potential for disruption has increased considerably in recent times because of: 

• Botnets: A botnet is essentially a zombie army of internet-connected devices, all infected with malware instructing them to carry out cyberattacks. The expansion of the Internet of Things, which could encompass tens of billions of gadgets by 2020, has turbocharged botnet growth by bringing online many new sensors, appliances and other hardware with fewer defenses against attack than PCs or servers (the previous mainstays of botnets).
• Innovative attack vectors: There's more than one way to execute a DDoS attack. Today's cybercriminals can take advantage of multiple vulnerabilities to boost their chances of success with DDoS. For example, a few years ago, the obscure Network Time Protocol was exploited for the first time in some of the then-biggest DDoS incidents ever in 2014. Other techniques include bandwidth saturation and application-layer attack surfaces in OpenBSD and Microsoft Windows.
• Easy learning curve: DDoS seems complex from the outside, but it's become easier over time for would-be attackers to go after their targets. Some botnets are now rentable, providing immense capacity that individuals and groups would otherwise not possess. Video tutorials also offer walkthroughs of how to plan a DDoS attempt.

Now for some good news: DDoS mitigation is readily available for internet-facing services, plus it is highly effective at preventing and reducing damage from downtime. The downside is that such protection is typically expensive.

Faced with a rapidly evolving threat environment and shortages of in-house security personnel, organizations may feel like they have no option but to pay up. That's unfortunate given the costs and potential impacts on static company budgets, which according to Spiceworks' 2018 State of IT survey are projected to stay mostly the same from 2017 to 2018. The same report projected staffing levels to remain unchanged as well. 

Telesystem approaches DDoS defense differently than our competitors. Let's look at how integration of anti-DDoS measures into our hosted VoIP platform saves you money upfront and over the long haul, thanks to more secure and reliable communications.

How the DDoS Protected Network from Telesystem works

Instead of offering DDoS protection as a pricey add-on, we include it free of charge at the core of our network. Here's what our broad spectrum of managed services, including security, provides to our customers:

• Industry-leading threat intelligence that sits between your IT infrastructure and the internet, inspecting traffic for malicious activity and keeping your critical systems safe from harm.
• Telesystem Managed Security, which is a comprehensive set of cyberdefenses including firewalls, email encryption, site-to-site virtual private networks, data loss prevention and much more.
• Real-time DDoS protection based on an interconnected and analytics-enhanced suite of security applications.

Plus, there's the advantages conferred by Telesystem's two data centers with seven Tier 1 interconnects between them. The regular alerts sent to these sites permit early detection of any DDoS attacks underway, allowing for earlier and more effective responses benefiting end users reliant on our solutions. Every second counts with DDoS: According to Information Technology Intelligence Consulting Research, 98 percent of organizations affirm that even one hour of downtime would cost them at least $100,000.

With Telesystem, you get multifaceted security against DDoS. Known malicious IP addresses are blocked, protocols are validated, botnets are walled-off and packets are deeply inspected. This peace of mind is invaluable in an era characterized by bigger and more sophisticated cyberattacks, including DDoS.

Learn more about your options today

Cybersecurity is a fundamental requirement for any organization, and one increasingly expected by customers conscious of how their data is being handled. At Telesystem, we route all services through our secure network core for maximum protection from DDoS and other threats. Contact us directly to learn how we can assist you with everything from hosted VoIP to dedicated internet bandwidth.