Last week, the largest DDoS (or distributed denial of service) cyberattack in Internet history struck GitHub, a large web-based hosting service for computer code. At 1.35 terabits per second, unidentified hackers sent the largest flood of traffic ever recorded via an online mechanism called “memcaching” to try and bombard GitHub and bring their web infrastructure down.
The good news: unlike the massive October 2016 DDoS that took websites like Twitter and Spotify offline for hours, the GitHub attack was foiled in less than 10 minutes thanks to the power of proactive security solutions. The website briefly struggled with intermittent outages before calling in help from its security partner, which re-routed Internet traffic and filtered the data to identify and block the malicious packets causing the attack. After eight minutes, GitHub reports that the hackers gave up and traffic returned to normal.
What does this mean for small businesses weary of the constant cyberattack drumbeat?
Cyber defenses are far different for a small business with, say, 20 employees than for an international code repository with 20 million users. The fact that GitHub and its security partner, Akamai, were able to fend off this attack will resonate throughout the IT realm. Akamai modeled its defense capacity off of an attack five times bigger than the biggest ever recorded. But as vice president of web security Josh Shaul said, “It’s one thing to have the confidence. It’s another thing to see it actually play out how you’d hope.”
The methods used to keep GitHub’s website resilient in the face of this attack will be translated down to a smaller scale now, as well. Since they worked in this instance, tools like the following will become a routine part of cyber defense strategies:
- Keeping critical servers behind firewalls on internal networks
- Developing web filters that can immediately block traffic when a suspicious spike occurs, and
- Identifying attack commands in advance
Big Internet service providers have already begun adapting such tools, and other IT providers will surely follow, updating their solutions for exactly such a scenario. And that’s why proactive security is so important.
Best defined as an approach that fixes IT problems before they occur, managed services can improve the productivity and efficiency of your company while also keeping your business and its critical information safe.
The key components of such a strategy include:
Anti-virus, anti-spyware, and anti-malware efforts.
Viruses and malware are proliferating at a rate never seen before in the tech industry. Keeping up with such advances is nearly impossible for the average business owner, who’s often stretched thin enough without adding IT concerns to his or her plate. Most data breaches are caused by viruses and malware delivered through a frightening array of means: malicious email, infected attachments, and contaminated links.
Multi-layered network security.
This includes tools like those used to stop the GitHub attack: firewall management, access and identity protection, Internet traffic analysis to identify threats, content filtering to prevent dangerous links, ads, and attachments from enticing your employees, and an “umbrella” approach that layers defenses around your data to protect it from the latest cyberthreats.
Update and patch deployment.
Would you rather struggle to play catch up with software updates and security patches yourself, or entrust a business partner with decades of IT experience to take care of such issues while you and your staff are out of the office and even asleep? The best managed services offerings handle patch and update deployment on a daily, off-hours basis, ensuring that none of your company’s technology suffers from a lapsed security setting.
Maintaining the security of your data is one thing — making sure it’s around to be kept safe is another. Without a redundant and repeatable process for regular data backups, you’re flying blind with your company’s most valuable asset. Backing up your data on a regular basis, then implementing disaster recovery and virtualization plans in case of disaster, can provide 100% protection for your information.
Don’t let the latest news of this DDoS attack get you down. With CMIT Solutions, you can deploy top-flight proactive services, backup and disaster recovery, business continuity, data encryption, email archiving, and other services critical to day-to-day business operation and protection. With a trusted IT provider by your side, you can survive (and thrive) in today’s complicated IT world.
At CMIT Solutions, we defend your network, secure your data, and empower your staff to be more productive. Contact us today so that we can help you boost productivity and efficiency while you worry about growing your business.