26 October 2016
Service providers and their customers are under attack like never before. According to Gartner, a single hour of downtime could cost an enterprise US$300,000. Photo: Bloomberg
Service providers and their customers are under attack like never before. According to Gartner, a single hour of downtime could cost an enterprise US$300,000. Photo: Bloomberg

How to turn security into a performance driver for your business

Whether you’re an ISP, a managed security service provider or a web service provider, achieving true business success will rely on one thing — how you protect yourself from online threats and honor your accessibility and uptime commitments without compromising business gain and opportunity?

Downtime is not an option in any sector.

From e-commerce to finance, healthcare to government, your customers expect uncompromising performance that is faster, more secure and can scale instantly.

Yet, the volume and sophistication of Distributed Denial of Service (DDoS) attacks today is unprecedented and growing by the minute.

IT and security teams need new expert partners who can offer current insights, intelligence and understanding of the threat landscape in order to look past the immediate threat of DDoS attacks and guide them on a path toward greater performance, reliability and true business gain.

So what are some of the key business risks facing service providers?

And how can IT teams mitigate these as effectively as possible while adding value for customers in what is an increasingly competitive industry?

What should IT professionals be asking of their knowledge partners to set a path to true business gain with security and readiness as competitive differentiators?

Threat landscape

The threat landscape has never been more treacherous.

Intelligence from the Nexusguard Security Operations Center tells us that attackers are advancing zero-day exploits into “zero-day-plus-one” attacks at record speed.

Attacks are outpacing even those IT teams working at their most efficient pace and teams could not possibly be expected to keep up with the rate of attack.

This was precisely how opportunistic threats like Heartbleed and Shellshock were exploited to turn unsuspecting web servers into bot machines capable of launching DDoS attacks within hours.

Add to this the falling cost of botnet-for-hire schemes that threaten to attack unsuspecting businesses for as little as US$20 per attack and teams are overwhelmed in their efforts to stay ahead of swiftly evolving threats.

Hackers are increasingly focusing on complex, multi-vector attacks which require specialised platforms and expertise to mitigate effectively.

Reflection techniques including DNS amplification, Distributed Reflective Denial of Service (DRDoS), which fire legitimate service queries to vulnerable public servers, spoofing the target IP as the source IP, Network Time Protocol (NTP) and User Datagram Protocol (UDP) traffic attacks have also become a popular method to overwhelm victim organizations.

Today’s attackers are agile, resourceful and extremely determined: ready to change tactics at will to avoid detection.

So while NTP reflection attacks were popular in 2014 and at the beginning of this year, they’ve begun to wane of late as more and more NTP servers are patched.

In response, attackers have moved on to the next attack surface and next vulnerability.

In fact, Simple Service Discovery Protocol (SSDP) attacks are beginning to emerge as a potent vector for DDoS – driven increasingly by the internet of Things (IoT).

The explosive growth in internet-connected smart devices is a particular concern as they have relatively high bandwidth, are rarely patched and are on 24 hours a day.

As such, they are the perfect entry point to exploit and leverage to amplify attack bandwidth.

Staggering risks

So what does all of this mean?

Is it an impossible task to keep businesses ahead of attackers?

Service providers and their customers across the globe are under attack like never before.

Denial of service can mean lost revenue — anything from US$52,000 to US$52 million thanks to lost contracts, damage to stock price, a credit rating slump and increased insurance premiums.

Global businesses rely on uptime to optimize business.

According to Gartner, a single hour of downtime could cost an enterprise US$300,000.

Productivity losses can also damage the bottom line, with IDC estimating that for Fortune 1000 companies, the average cost of a critical application failure is US$500,000 to US$1 million per hour while average total cost of unplanned application downtime is US$1.25 billion to US$2.5 billion per year.

Specialist insurer Lloyds of London has also estimated that cyber attacks cost businesses as much as US$400 billion a year including the damage itself and subsequent disruption to the normal course of business.

Downtime, latency, lag and inaccessibility can also lead to customer churn and reputation damage which, in particularly competitive industries, can be fatal for business.

In fact, according to the Ponemon Institute, when IT executives were asked what the greatest single cost to the business would be in the wake of a DDoS attack, 64 percent said reputation damage and loss of customer trust would be the top loss.

When it comes to service providers, your customers increasingly expect you to be able to cope with any and all scenarios, from known to unknown threats.

In order to meet this demand, savvy service providers must proactively invest in services that monitor and mitigate advanced DDoS attacks.

The good news is that the security business is booming, with new innovations and global expertise.

Organizations across Asia and the Pacific will spend an estimated US$22 billion on critical infrastructure by 2020 according to ABI.

In the United States, the government has allocated some US$14 billion specifically to cyber security in the 2016 government budget.

Best practice leaders are innovating cyber security with new advanced “fusion centee” approaches to better integrate teams, partners and experts to address fraud, cyber attacks and mitigation, viewing the attack arena in a new way that demands visibility across all attack surfaces and points of access and vulnerability.

Today, with the right partner and business model there are ways to provide the security services your customers expect and tap a fast-growing market for DDoS mitigation that can actually enable business growth through performance improvements and uptime reliability.

It is time to turn your security stance into a business advantage.

Donny Chong, Product Director of Nexusguard, is the co-writer of this article.

– Contact us at [email protected]


Chief Scientist, Nexusguard

EJI Weekly Newsletter