Whether you’re leading a Fortune 500 company or your own small business, cybersecurity must be a fundamental business objective. Several high-profile cyberattacks in the first half of 2017 have affected organizations of all sizes all over the world, and these attacks are only going to become more common and more sophisticated.
As a business leader, it’s important to understand that the threat is constant. Even if you’ve never experienced an attack, your servers are perpetually being scanned by hackers for vulnerabilities — and the damage can be fatal to your business. A cyberattack can result in the loss of critical information, putting the reputation of your brand at stake.
If you suffer a cyberattack and are able to react quickly, it’s certainly possible to mitigate the damage to your business and your customers, though containing an attack can get tremendously expensive. If you have a plan in place, however, you can save yourself a lot of time and money — and protect the future of your business.
Diagnosing the Threat
There are countless types of cyberattacks, including malware, phishing, rogue software, and many others. But over the past couple of years, hackers have increasingly favored distributed-denial-of-service (DDoS) attacks when targeting businesses.
There are essentially three types of DDoS attacks.
A volume-based attack overloads servers with data, rendering the victim’s website inaccessible. This is the type of attack that generally makes the news, as roughly 90 percent of DDoS attacks are volume-based. The other 10 percent are split between protocol attacks, which drain your servers’ resources by overloading them with requests, and application-layer attacks, which perform specific requests to extract important information from your servers, such as credit card details or user logins.
Good Bots vs. Bad Bots
The key characteristic of DDoS attacks is the use of bots to do the dirty work, and bots are everywhere. In fact, if you analyze a typical website, you’ll find that around 61 percent of traffic is actually nonhuman and attributed to bots.
A bot is usually a software program that runs simple and repetitive automated tasks over the internet. Google’s crawler is perhaps the most famous example. The crawler scours websites, analyzing text, titles, page speed, inbound links, and other factors to determine the ranking of the site. This is typically a good thing — as a publisher, you want the Google crawler to get on your page and rank you as highly as possible.
Likewise, communication on many websites — including news platforms, reservation sites, and shopping sites — is often conducted through chatbots. These bots allow companies to cut costs and better serve their customers.
But bots can also be used to cause harm.
During a DDoS attack, a bot herder usually controls huge botnets, or robot networks, via a control server and manipulates them into behaving a certain way to extract as much valuable information as possible from a targeted website. This is the same mechanism behind a remote file inclusion (RFI) attack or cross-site scripting (XSS) attack.
Attacks in Action
Hackers are getting more creative when it comes to cyberattacks, and the threats are becoming more serious — and expensive. For example, in 2016, U.K.-based betting company William Hill had its website knocked offline as a result of a DDoS attack. Fortunately, the attack didn’t occur during a major sporting event, but it could have cost the company an estimated £4.4 million.
Ransomware is another type of cyberattack that is becoming more common, and hackers are becoming more original. For instance, the Romantik Seehotel Jägerwirt, a hotel in Austria, was ransomed early in 2017. But rather than simply take control of the hotel’s website and demand money, the hackers took it a step further by locking guests out of their rooms and shutting down the hotel’s reservation system.
Some types of cyberattacks are more sinister in that they do more than simply knock a company’s website offline or demand money. In 2015, for example, PokerStars was hacked by a bot that gave certain players an unfair advantage and helped them win a combined $1.5 million. Because poker isn’t a completely randomized game and you can win with the right calculations, bots and artificial intelligence tactics are becoming a more common problem within the industry.
And no industry is immune to hackers — sometimes, the attacks may even come from competitors. Here at Leaseweb, we once saw a unique attack on an airline website that looked like a simple seat reservation. But as we analyzed the request, we noticed that it went through the entire reservation process of choosing a carrier, departure time, destination, and price, but then it immediately stopped once it was time to pay.
We then realized that the request was carried out by a bot, and the intent was to show the flight as being completely booked. That way, when real customers visited the site to make a reservation and saw that there were no open seats, they’d go to a competitor — which is exactly what the hacker wanted.
Albert Einstein once said, “Intellectuals solve problems; geniuses prevent them.” The same theory holds true with cybersecurity. Because cyberattacks are a growing problem across all industries, nobody is immune to threats. You can resolve them once they happen (after they’ve already cost your company a lot of money and, more importantly, potentially harmed your brand reputation), or you can create a cybersecurity plan to ensure they never happen in the first place.