About Author
Forrester Analysts

Forrester Research is a technology and market research company that provides pragmatic advice to global leaders in business and technology.



Hacking should be included in your disaster recovery plans as a potential risk for downtime

The revenue and reputation damages caused by a DoS outage for just a few hours can be astronomical

Right now, the internet probably seems like the Wild West. Hackers are roaming around, seemingly attacking websites on a whim. Most recently, groups like Anonymous, the Jester, and Lulz Security (LulzSec - now supposedly disbanded) have been attacking and successfully taking down websites of all types. Government or corporate, public or private, anybody, it seems, can be a target for these attacks. Their reasons for attacking a site range from making a political statement to simply doing it for the fun of it, but whether the attackers are hacktivists or black hat troublemakers, the end result is that hacking is now a real cause of downtime.

In the past, these groups operated on the fringe of the vast expanse known as the internet. Their names were known mostly amongst communities that were already interested in their antics. However, recent events such as the Occupy movement, the SOPA/PIPA debates, and the protests in the Middle East have dragged these groups into the limelight. Since then, their infamy has only grown. With the combined Anonymous/LulzSec attack on Sony’s PlayStation Network in 2011, which cost Sony $171 million in lost revenue alone (with some estimates placing the cost at a staggering $24 billion), the recent takedowns of the Department of Justice (DOJ), CIA and FBI websites, the recent attack on the NASDAQ, and now the most recent threat from Anonymous to effectively disable the internet, hacking is a very real, very present risk to consider. It is easy to simply dismiss these activities as random acts of tomfoolery, and even easier to assume that it will never happen to you, but that is a dangerous and potentially costly notion. In my most recent report, “Building The Always-On, Always-Available Extended Enterprise”, I discuss the cost of downtime and show how costly a website outage can be for just a couple of hours. Whether you run an eBusiness website or not, the revenue and reputation damages of an outage can be astronomical.

When dealing with disaster recovery, the most common causes of downtime are power outages, infrastructure failures, human error, and natural disasters. Suffering a denial of service (DoS) attack is generally not at the forefront of leaders’ minds. Whether it's an unintentional denial of service, like when Coca-Cola's and Acura's websites crashed during the Super Bowl due to the popularity of their commercials, or a distributed denial of service (DDoS) attack by hackers, the difficulty lies in predicting the downtime and protecting yourself against it. As with any other disaster, it is important to have a disaster recovery plan in place in case such an event occurs. These types of plans should focus on communications to employees and customers, any potential workarounds, and methods to distribute additional information. You may never be able to prevent a DoS attack, but you can be ready if (or when) you are subjected to one.

By Rachel Dines, with contributions from Eric Chi

