3 Questions to Ask Your Managed Services Provider About DDoS

Like spam emails and pop-up ads, distributed denial of service (DDoS) attacks have been around since the arrival of the internet. Unlike those annoyances, however, DDoS attacks can be a genuine threat to your business – and they’ve been on something of a tear lately.

DDoS attacks, in fact, have been growing exponentially – both in rate and in size. In the first quarter of 2024, for example, HTTP DDoS attacks went up by 93 percent YoY, while the average attack size increased by more than 200 percent. And this escalation has only continued since then.

It seems, unfortunately, that we’re living in a golden age of DDoS. And while some companies and industries are more susceptible than others, odds are almost every business is going to fall victim to an attack at some point.

That’s why now is the time to talk with your managed services provider about how to mitigate the risk of a DDoS attack. These three questions are a good place to start.

1. Is DDoS a threat to our business readiness?

Unfortunately, that’s kind of the point of DDoS: DDoS attacks take your business offline. That’s why this is a great time to be proactive.

To review, the goal of a DDoS attack is to overwhelm server resources with huge numbers of requests to force an interruption of work. The result? Downtime. 

No company wants its services to be down for any length of time. But not every DDoS attack hits the same. So start by assessing the threat landscape to your business, taking into account these key questions:

• Are we more susceptible to a DDoS attack than other businesses? (Hint: if you’re in an industry like financial services or academia, the answer is probably yes.)
• Is the downtime from an attack more likely to be a minor disruption for customers or a major outage that costs us far more in lost business? The average DDoS attack cost nearly half a million dollars in 2023. What would that mean to your balance sheet?
• In addition to any opportunity cost losses from that downtime, how much will it cost to recover from the attack itself? What about the cost of rebuilding trust with affected customers?
• How big is our risk for a DDoS attack that goes beyond mere disruption and veers into the more malicious territory of ransomware?   

The answers will vary for different companies. But given the explosion in DDoS activity over the past several years – and the significant revenue at stake – it’s a good idea to have this conversation now (so you don’t have to panic later).

2. If we can’t stop DDoS attacks, how do we stay online?

The good news about DDoS attacks is that while you can’t prevent them, you can mitigate the risks.

And the good news is that advances in technology have increased the number of options for companies looking to protect themselves from DDoS attacks. For instance, instead of relying on old-fashioned protections like firewalls and router ACLs, many managed service providers (including Summit, ahem) now offer more modern options like scrubbing services.

A scrubbing service is essentially a filter. When a massive amount of traffic is detected, an alert is triggered to reroute that surge to a scrubber. The scrubber analyzes this load, removes the junk traffic meant to overwhelm the system, and sends the clean traffic back to the business. Or it may shut down the one IP address among many that’s absorbing all of the suspicious traffic.

In either of these scenarios, service may be degraded for a short period, but there’s no costly long-term outage. And that’s the goal of scrubbing – not to be perfect, but to keep things up and running instead of getting shut down completely.   

Of course, threat actors have been keeping up with technology as well. Which means they’ve been able to launch more complex attacks – and stay several steps ahead of the protections meant to thwart them. That’s why the more pertinent question here for your managed services provider – how can you help protect us? – is one that needs to be revisited often.

3. Are we overpaying for DDoS protection (especially if it doesn’t always keep us online)?

If you’re satisfied with the protection options your managed services provider offers, this is the next question to ask (if you’re not, it may be time to look elsewhere). The discussion surrounding question 1 should help guide your answer here. 

DDoS protection isn’t free, so you want to be sure you’re paying for a level of protection that makes the most sense given your risk exposure.

For example, if you’re a higher-profile business – say a bigger company or one in a more vulnerable industry – you may want to splurge for the highest level of protection available, regardless of the cost. After all, if you’ve determined that persistent DDoS attacks are probable, and that those attacks could result in significant losses, the cost of ever-present protection is likely worth the investment.

On the other hand, if you’re a smaller company that doesn’t expect frequent attacks, you might decide you’re fine with a lower, less expensive level of protection.

In either case, you’ll likely be choosing between two kinds of scrubbing models:

• An on-demand model, where you hold a sum of money in a DDoS reserve fund. If an attack happens, you can call your service provider for on-demand DDoS scrubbing and write them a check.
• A service model, where you pay for a DDoS scrubbing service that is set up and ready to go at all times. The provider monitors traffic and triggers action when necessary. One advantage of this model is the opportunity to basically dry run the scrubbing to give the system an idea of your company’s traffic patterns. This way, when an actual attack unfolds, everyone has a better idea of what that looks like.

The key to determining what level of protection makes sense goes back to doing a risk and budgetary assessment. If being down for 20 minutes is going to mean $100,000 in lost revenue, the cost of a dedicated scrubbing service that is online and ready to go at any time is probably money well spent.

Don’t Go Dark. Avoid the Costs of Downtime with DDoS Protection

DDoS attacks aren’t going away. If anything, they’re becoming more frequent and potentially more damaging. That’s why you need to understand what your threat level is and what steps you can take to protect yourself. 

We understand the DDoS risk landscape. Get in touch to learn how we can help.