Joanna Potbury
Cyber crime is an epidemic, affecting more individuals and organisations than ever before. It now takes many forms including hacking, identity fraud, denial of service attacks, harassment by electronic means or phishing.
While media headlines focus on hack attacks on big brand names, the threat is very real for the smaller business, who often may not have the knowledge, time and resource to implement the processes and technology solutions required to reduce the risks of a cyber attack and the resulting damage. Earlier this year, the Daily Telegraph reported that a poll of British businesses suggested that only 28% had reported an attack, citing fear of reputational damage.
That is of course only one aspect of the risk associated with an attack. Even if you do not report externally, you need to be able to demonstrate that you have taken effective measures internally to resolve and contain the breach, particularly when personal data is involved. Such attacks can lead us into the realms of data protection regulation, where we see risks of prosecution the loss of data as well as exposure to civil liability from third parties whose data has been stolen. It is critical that organisations have plans in place to protect data, systems and client information.
Businesses also need to be aware and alert to the risk that cyber crime in the form of data theft may not always be an external threat but may come from within the business itself: from disaffected or departing employees. We have acted in several cases where employees have taken business critical and confidential data to use for their own purposes or for rival businesses who are in competition with their employer.
We have extensive experience in dealing with all aspects of cyber crime and prevention. We are also sensitive to the reputational risks. You can contact us at any time for a confidential discussion.
Graham Fox
DDoS protection and learning how to protect from DDoS attacks must be at the core of a successful cyber-security strategy, because distributed denial of service (DDoS) attacks have become one of the primary cyber-security threats facing enterprises today – and it’s only set to get worse. DDoS attacks are attempts to make a computer resource (i.e. website, e-mail, VoIP, or a whole network) unavailable to its intended users - and/or as a distraction to help them attack you/ steal data from you through other means. Overwhelmed with massive amounts of unsolicited data and/or requests, the target system either responds so slowly as to be unusable or crashes completely. Whatever the outcome effective denial of service protection can eliminate or minimise downtime from a DDoS attack and just as importantly allow you to concentrate on other tasks/risks.
Organised cyber-attack groups, such as Anonymous and DD4BC, frequently launch politically or financially-motivated denial of service attacks to cause website downtime for big brand corporations, financial services companies, and even governments. Yet every day there are hundreds of other unpublicised DDoS attacks on e-commerce companies and web-based service providers of all sizes, there are over 124,000 attack events recorded each week (Altas Report H1, 2016). Every organisation with a valued web presence needs to know how to protect against DDoS attacks.
Protection is needed for all types of DDoS attacks - Different types of DDoS attacks can affect specific IT network elements and require different DDoS mitigation techniques for denial of service protection. Attackers know this and will identify the weak links in a DDoS attack protection strategy and chose the DDoS attack they determine will cause the most damage.
Your DDoS protection strategy
DDoS protection is a cyber-security response to stop a DDoS attack – it seeks to prevent a DDoS attack from damaging the operations of your enterprise. A DDoS protection service is designed to detect, monitor and stop DDoS attacks (monitor, manage and mitigate). Given the growing number and scale of DDoS attacks, planning for DDoS attack protection is a critical IT security function. The USA, France and Great Britain are the main targets for attacks over 10Gbps (Altas Report H1, 2016).
It’s virtually impossible for an individual business to build out a sufficiently large DDoS protection infrastructure to scale in response to a large DDoS attack. RedSpam, a cloud-based DDoS protection service, offers protection both nationally and internationally with builtin scaleability combined with advanced DDoS detection techniques, specialised DDoS protection software, and DDoS protection experts who know how to protect against DDoS attacks – 24/7/365
Big data and DDoS protection
Hundreds of millions of data points in multiple streams pour into a DDoS protection network in real time during an attack. Automatic DDoS protection software with decision-making algorithms based on data analytics for DDoS protection are helpful but are prone to false positives. DDoS protection experts in our Security Operations Centre (SOC) quickly make sense of the deluge of data and make precise decisions as to which data/traffic to allow and which to block. Using big data, our SOC engineers can customise your DDoS defence using specialised knowledge of how to protect against DDoS attack types observed as the attack happens – we can also contribute a large amount of valuable data on attacks and attackers, including for IP reputation.
How to protect from DDoS panic
A best practice for DDoS protection is the creation of a playbook or operations procedure that details a planned response when a DDoS attack occurs. Working with RedSpam we will help you to create a bespoke template and set up a number of protocols that will trigger aggressive countermeasures to attacks. This will help you to see the best way to manage internal and external communications when confronted with a DDoS attack and leads to optimisations that can be developed to ensure a rapid, repeatable and predictable plan for DDoS survival moving forwards.
REDSPAM is the provider of True Dynamic Mitigation™ a unique combination of industry-leading hardware and patent-pending software that offers unprecedented protection against Distributed Denial of Service (DDoS) attacks to ensure continuous uptime of your online business assets.
As a cloud-based transparent service, whatever the level of attack, you only pay the price agreed for the service. RedSpam does not charge for size, number of, or duration of attacks and provides same-day, fixed price quotations for the protection level required.
DMH STALLARD is an award winning law firm providing strategic and operational legal advice. From cyber crime protection, corporate finance and M&A advice, to resolving commercial disputes or putting safeguards in place, our lawyers focus on delivering success to help clients protect and grow their businesses. www.dmhstallard.com
Should you have any further questions regarding the above, please do contact Joanna Potbury on 01293 605596/ Joanna.potbury@dmhstallard.com or Graham Fox on 07968 444068/graham.fox@ampito.com