A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic through the use of a botnet. A botnet is a network of compromised computers that are used to perform malicious activities without their owner’s knowledge.
Compared to other threat types, DDoS attempts are generally more likely to succeed in disrupting the availability of data or systems and inflict more severe consequences.
Neustar’s global 2017 survey found businesses reported a cost of $100,000 to $250,000 per hour and at least $2.5 million every time they fell victim to DDoS attacks.
Historically, DDoS attacks had non-financial motivations, aiming to bring attention to certain events or protest specific issues.
The more recent trend is for DDoS to be used for extortion, where a business is threatened with an attack against its website unless it makes a payment. These threats can be accompanied by a small DDoS activity – or brief larger one – to demonstrate capability.
How to protect your business from DDoS attacks
- never respond to extortion emails—even to refuse
- make sure IT security patches are regularly applied to your website
- make sure your website runs on different infrastructure to your critical business systems, for example emails
- make sure you have an incident response plan in place and that it is tested regularly
- make sure you have a business back-up plan if your website is attacked.