Cyberattacks – are you protected?

The volume and the sophistication of cyberattacks being launched against online gambling organisations, and in fact all organisations around the world, is increasing at an alarming rate. Distributed Denial of Service (DDoS) attacks are particularly prevalent and in Q3 alone we blocked 546 attempts to breach 25 of our customers’ defences – this was more than double the number of attempts in Q2.

During the quarter, we also noted that 60 of the observed attacks had repeat attacks within 24 hours of the first attack. One customer was subject to a massive 288 attacks.

Worryingly, it is not just the number of attacks that has risen but the size of the attacks too. In Q3, attacks hit 1Tbps in size for the first time – the previous highest recorded was 750Gbps.

The largest attack size we recorded in the third quarter was 1.8Tbps, while the average size of attack was 48.9Gbps – a significant increase on the average attack size of 7.9Gbps recorded in Q2.

The number of attacks over 100Gbps increased from 50 in the second quarter to 121 in the third quarter, and we also saw the longest sustained attack rise from 3.1 hours to 22.1 hours. In total, our customers were under attack for 326 hours during Q3 compared with just 29.2 hours in Q2.

When looking at the three-month period, we recorded the largest number of attacks – 371 – in August. In July, we recorded 94 and in September a further 81. Our data certainly aligns with wider trends that show more and more cyberattacks are being launched against businesses and organisations around the world.

We are seeing cybercrime make the headlines frequently, particularly ransomware where the attacker demands a ransom from the victim to restore data upon payment. While ransom attacks have been around for decades, the development of bitcoin and cryptocurrency has supported this increase, as it has provided cybercriminals with a mechanism for payment.

No business is immune, and companies of all shapes and sizes are being hit by increasingly sophisticated and sinister attacks that can do untold damage.

In fact, the average cost of a data breach in 2020 was $3.6m. This is a shocking figure and one that should prompt you to ask the question – is my organisation protected?

These are the key areas of focus when it comes to mitigating cyberattacks, and in particular DDoS attacks.

1. Primary defences

Ensure your primary forms of protection are in place and are as robust as possible. Primary defences include utilising a private network for hosting and communication, enterprise DDoS and Web Application Firewall (WAF) protection, and ensuring that your public and private cloud environments are secure.

We often talk about a layered approach because what we are seeing now is multi-vector attacks; cybercriminals combine a range of threats deployed at multiple stages, across multiple points of entry.

2. Endpoint protection and security information and event management (SIEM)

Given the new normal of remote and hybrid working practices, ensuring an organisation’s infrastructure is not breached, no matter where the perimeter may now be, is crucial.

Just as vital is ensuring if something untoward happens (such as a breach), the appropriate teams are immediately notified. If it has not been done already, it’s essential to find out how endpoint protection and security event management can be applied to your infrastructure.

3. Awareness and education

It has been widely reported that phishing attacks, and other scams targeted to exploit our natural human fears, have increased significantly in recent months.

As such, companies need to ensure that all staff members, from the board to senior executives and all employees, are trained when it comes to cybersecurity, DDoS, ransomware and phishing.

The number of DDoS attacks, and cyberattacks in general, is only going to trend upwards as we move into the New Year, and that is why it is vital that businesses prioritise cybersecurity today.

As a Bachelor of Science graduate (2:1 hons Computer Science), Craig Lusher has worked in the IT and telecoms industries for close to 20 years. During this time, he has worked for tier-one telecoms networks specialising in high frequency trading, outside video broadcast and cybersecurity, serving some of the world’s most demanding customers in media, finance, logistics and gaming.

Over the past seven years at Continent 8 Technologies, Lusher has held several senior positions in solutions architecture, product and working with channel partners. He is currently working as the company’s global security product specialist working closely with the managing director of Asia Pacific to support business growth in the region.