An Attack Against Your Availability: Why SaaS are Big DDoS Targets, and What They need to do to Protect themselves

Spread the love

Why SaaS are Big DDoS Targets? In order to understand why software as a service companies are major targets for DDoS attacks, you need to examine your own levels of anger when it comes to services being unavailable.

For instance, if you went out for an ice cream cone and arrived at the scoop shop to find that it was unexpectedly closed, you would probably be mildly annoyed. And rightfully so. However, it’s not like you’ve paid for the ice cream cone already and didn’t get it. You can take your money elsewhere and get one. There’s no need to make a big point of boycotting that particular scoop shop going forward.

However, let’s say you’re a hockey fan, and game seven of the NHL Western Conference Final is about to air. You settle in on your couch with a beer in your hand and joy in your heart only to find that your cable is out. You can’t get the game. And even though you’re going to miss one of the biggest games of the year, you’re still going to have to pay your full cable bill at the end of the month because that’s just how it works. Rage level: oblivion. Instead of watching the first period, you start looking into other cable companies.

The more a company stands to lose from the outages caused by DDoS attacks, the more attackers stand to gain, and SaaS companies stand to lose a whole lot. This is why SaaS are Big DDoS targets. Everything you need to know to protect your SaaS.

Uptime: the big fat bulls-eye on the back of SaaS

Software as a service companies are major DDoS targets because the nature of SaaS demands constant uptime. If your customers need your services, they have to be available, especially since customers are specifically paying for that availability.

An outage caused by a Distributed Denial of Service Attack has the potential to harm any website or any business, no doubt about it. But there’s a major difference between a website selling party supplies going down overnight, and SaaS going down overnight. Party supplies can wait until morning. The services you’re supposed to be providing can’t. If your customers are paying for services that you cannot provide with 100% reliability, they’re going to take their business elsewhere.

The potential damage done to both the revenue and the reputation of a SaaS company makes it an attractive DDoS target for two distinct reasons. The first is that SaaS companies simply can’t afford the long outages that can accompany DDoS attacks because these outages would be too devastating for business. To attackers, this makes SaaS companies more likely to pony up if a DDoS ransom demand comes through. The second reason is notoriety. If an attacker can take down a major player, they’re going to get major press. Ever heard of the Lizard Squad? Exactly.

Techntechie_post_1

Every minute of unavailability cause losing more money (source: Shutterstock)

How to stop being easy prey

You probably don’t want to think of your website or company as easy prey, but while the truth can hurt, it’s ultimately helpful. You might even want to give this DDoS Downtime Cost Calculator a go to see how probable it is that you’ll be targeted with a DDoS attack, and how much it will cost if you are.

Now that step one: confront your reality has been taken care of, you can move on to step two: get proactive.

According to internet security company Incapsula, the two most common attack vectors used against SaaS are Layer 7 attacks and DNS attacks. Regardless of which attack vectors are used, a SaaS company requires a solid DDoS response team with a comprehensive DDoS response plan in place.

Your DDoS response team needs to know exactly what kind of DDoS protection and mitigation tools they have access to. This includes being aware of any DDoS protection offered by your ISP. Keep in mind that DDoS protection from your ISP is unlikely to offer instant response the way professional DDoS protection does.

Once your team has identified and knows how to use the response tools, it’s time to look for weak spots in your security, or single points of failure. Knowledge is power, and knowing where attackers are going to try to get in will help you prevent it, and also help you deal with it should an attack occur. You also need to perform a risk assessment and determine which services, assets or applications are most vulnerable.

From there you’ll need to formulate a list of procedures or protocols for being under attack. Not only does your response team need to have a plan for how they are going to react and begin mitigating an attack, but your organization overall needs to have procedures in place for how to deal with issues like email failure and online communication outages. You may want to consider testing your readiness with a drill or mock DDoS attack.

Why_SaaS_are_Big_DDoS_Targets

Source: Incapsula DDoS response playbook 

A job for the pros

No matter how ready your response team may be, and how prepared you are with your response plan, with the need for 100% uptime it may ultimately be best to look into professional DDoS protection. Cloud-based DDoS with a robust scrubbing server will be able to bounce all attack traffic before it ever touches your website, servers, networks or other resources while letting legitimate traffic through. Professional DDoS protection is perhaps the only way to keep your customers from ever reaching rage level oblivion.

5 Responses to “An Attack Against Your Availability: Why SaaS are Big DDoS Targets, and What They need to do to Protect themselves”
  1. Mollie July 7, 2015
  2. Heidi July 28, 2015
  3. Arianne August 21, 2015
  4. Glen August 29, 2015
  5. Colette November 25, 2015

Leave a Reply