Preventing eBusiness Interruption

Posted by Mark Greisiger

A Q&A with Mark Teolis, General Manager of DOSarrest
Denial of service (DDoS) attacks are a threat to any business with an online presence. With little effort, an attacker across the world can completely overwhelm, degrade and/or crash your business computer servers. The result is that you then lose customer trust and revenue for every minute the system is down. This type of attack is very prevalent and difficult to defeat. DOSarrest (an eRisk Hub listed vendor) assists organizations in deflecting these belligerent attacks. We spoke with general manager Mark Teolis to learn more about DDoS attacks and what we can do about them.

Can you explain what a DDoS attack is, and how this type of interruption impacts commerce operations?
A DDoS attack is when someone is maliciously sending unimportant—often just nonsense—traffic to your webserver, forcing the server to respond to it. The repeated requests bog down the server and eventually it can’t deal with any requests, even legitimate ones, and it starts to slow down or crash. If you have an ecommerce operation that’s hit by a DDoS attack, your operations simply stop. Your site is down, and customers can’t log on. Often they go somewhere else to make the purchase. And if your operation is time-critical, such as Ticketmaster, for instance, missing out on that day’s sales is not like having a bag of sugar you can sell the next day. It’s a loss you can’t recoup. These attacks can be devastating and most people are not prepared. I always tell people to have a plan in place, to think about being down for a day to three days and how it will impact business, prestige and sales. Protecting yourself is an expensive undertaking, but can you really afford to take the risk?

How often are businesses sustaining this type of an attack? Are any sectors more exposed than others?
We don’t have any hard and fast numbers because in most cases companies don’t report these attacks. However, we believe there are about 10,000 DDoS attacks a day. At the beginning, about 10 or 15 years ago, the biggest target was the electronic gaming industry and that’s where this thing started. These days, anyone can launch this type of attack, without any kind of tech knowledge. All they need is to rent a botnet for as little as US $20 a day. So everyone is getting hit now.

How does DOSarrest (or similar solutions) help prevent or mitigate DDoS attacks?
If you want to protect yourself, there are a couple of ways to go about it. You can buy a piece of equipment, a DDoS mitigation device, which is a onetime fee and it will stop attacks, though each device has different capabilities. Another route is to go to a provider who offers protection services–again, some are better than others. In this case you are usually paying a monthly fee. Your provider is only as good as their upstream connection—if the attack is too big for the connection, your system will go down. One of the biggest misconceptions people have is if they buy a service or a device it will be able handle everything, and it’s just not true. Our service relies on our own proprietary techniques to block malicious traffic and we offer it as a monthly fee.

If my business is undergoing a live DDoS attack and I call DOSarrest (in a panic, of course), how soon can I expect to get the problem resolved so I’m operational again?
We can have it resolved in 15 minutes once a customer goes through the emergency form on our site.

In conclusion…
We have personally seen clients pummeled by DDoS attacks and often it’s at the height of their sales season (Black Friday or Cyber Monday, for instance). Sometimes these attacks are accompanied with an extortion threat (pay this or else). Other times, the bad guys might use the DDoS as camouflage so they can exploit and breach an application. We have also seen DOSarrest help clients and restore their ecommerce operations in a timely manner so that desired customer traffic can get through, while the bad guy noise cannot. This is not a testimony, but this firsthand experience is one of the reasons why we wanted to interview Mr. Teolis for this article, and this is why we include DOSarrest in our eRisk Hub crisis portal.