Late last month, two members of the hacker group LulzSec pleaded guilty to launching distributed denial-of-service (DDoS) attacks against entities ranging from the state of Arizona to Nintendo to the CIA. Yet despite extensive media coverage of such attacks, chief information security officers are still surprised when their companies get hit.
This is not an unforeseeable lightning bolt from the blue, people. The cyber world is full of anonymous arsonists, and too many businesses are operating without a fire department on call. A few
sprinklers won’t cut it when things flare out of control. Firewalls and intrusion-prevention system appliances are no substitute for specialized DDoS backup when an attack escalates.
Proactively securing a mitigation service can be a good insurance policy–in fact, it’s better than insurance, which pays off only after damage is done. That’s because mitigation services are designed to prevent destruction from occurring in the first place. Not only can a mitigation service act as a deterrent–many attackers will move on to easier prey when they see an initial DDoS attack fail–but these providers have the capacity and expertise to rapidly scale DDoS countermeasures against coordinated, professional attacks. That can mean keeping your website online even under heavy bombardment.
Download the full article here.