When it comes to cyber security, protection starts at the source: your ISP. Internet reliability and security ensures smooth business interactions and helps avoid distributed denial of service (DDoS) and other cyber-attacks. ISPs regularly come under attack because of the potential booty – and sheer disruptiveness – available to the attacker/s. Even a short attack threatens a business’s’ reputation and bottom line. Having a “clean pipe” (i.e. a connection free of dangerous – ‘dirty’ – internet traffic) helps prevent hackers from using DDoS attacks as a smokescreen to distract from the delivery of viruses.
These attacks can have deep and long term impacts on your business. Here are some key questions to ask of your service provider – and some answers to expect – so you can be confident that they are properly equipped to battle network abuse.
The Nature of the Beast
DDoS attacks do more damage (and thus incur a greater financial cost) the longer they last, and they have been increasing in frequency, duration, severity and complexity over the past couple of years. They are also becoming smarter at avoiding detection and co-opting new networked technologies, such as smart devices.
While ISPs are not responsible for preventing enterprise data breaches, certain ones do provide DDoS protection by identifying and blocking suspicious traffic. Sometimes this protection will be offered for an additional fee, which is typically cheaper than setting up such protection in-house unless you’re running an especially large operation. Ask for the costings of these additional services.
These providers work with internal and external databases which record and track “dirty” IP addresses and their related networks, so as to provide warnings to or ban the IP from participation in the network, depending on the severity of the behavior.
Real-time notifications of possible threats enable you to take preventative measures. A variety of anti-DDoS hardware and software solutions exist for different security needs. Traditional solutions rely on humans to notice and divert traffic to a scrub service, and so depend on the quality of the provider’s workforce and resources. Ask about the size and qualifications of their workforce.
In-line automated DDoS mitigation appliances automatically block dirty traffic with algorithmic identification of anomalies. A reliable ISP will have a combination of powerful software and proven experience. Look to independent reviews for any reports of security failure in the company’s history: if they can’t protect their own network and customers you shouldn’t trust them to protect yours.
Dealing with an Infection
If you’re unlucky enough to suffer an attack it will not only compromise your network but also any infrastructure which relies on it. Not only will your ISP not be able to help you, but failure to properly defeat the malware could even result in your expulsion from their network! You need to be prepared for the possibility of a malware infestation. While generic viruses are bad enough, specialized types of malware present unique challenges.
Stealthy and Brutish Malware
Spyware will do everything in its power to hide itself, so make sure to have powerful and regularly updated anti-virus software, and investigate mysterious anomalies: it’s better to be safe than sorry. Ransomware, on the other hand, will force you to take notice as it encrypts and holds all your files for ransom in exchange for an anonymous payment. Take these threats seriously but not literally: they can and will destroy your files if they detect you trying to get around them but there may be a way of stealthily removing them. A trusted ransomware removal company will tell you what your true options are.
Ask your service provider whether they can provide DDoS event reporting and analytics so that you can have visibility of their networks to analyze threats and attacks. Having access to attack vectors and breach characterisation helps you predict and prepare to some degree, although you’ll need to know how to interpret the data.
I hope this guide has answered some of your questions and created new ones. Take any questions you can’t find an answer for to your prospective ISP: the quality of their answer be another indicator of their trustworthiness.
Zohar Pinhasi, CEO and Founder of MonsterCloud, is a leader in opening the cloud computing market to small- and medium-sized businesses.