Network abuse is increasing daily. The latest cybercrime report from PWC shows that it is the second most reported economic crime and that many companies are leaving their first response to their IT teams without “adequate intervention or support”. In situations like this, abuse handling by the service provider’s abuse desk is the last line of defense. This is one of the many reasons why customers prefer service providers with effective network abuse handling.
In the past, service providers regarded network security as a customer problem and were focused only on preserving the integrity and security of their own infrastructure.
This has all changed due to increased competition in the service provider marketplace. A service provider that is not polluting the wider Internet with abuse operates in a far more efficient manner. For example, DDoS attacks, which are usually supported by compromised systems within your network, often last only a few minutes but can lead to substantial loss of revenue for your customers. If the attack lasts for hours, this can be considerably worse. This was confirmed in a report from the Ponemon Institute, which showed that the cost of a data center outage has increased from $505,502 in 2010 to $740,357 in 2016.
A cleaner network also means less bandwidth being used for attacks and more bandwidth for users’ legitimate business. So it’s not surprising that customers prefer service providers with effective abuse handling solutions in place.
How to offer your customers the best in network abuse handling
To stand out from the crowd, it’s that service providers offer customers a layered security solution. In the past, firewalls were an adequate defense; but today application-level attacks can get behind firewalls and cause significant damage. To address this type of network abuse servicer providers need to do the following:
- Implement network segmentation: This involves splitting your network into units and securing these sub-networks individually. This limits the impact of attacks on your network and your customers. It might also be a good idea to segment different types of customers, like residential and business or different types of product categories like root servers and managed hosting.
- Track all critical systems and infrastructure: Create an inventory of your most important systems and infrastructure. Include all firewalls, distribution switches, servers, and routers. Then put monitoring and alerts in place for all these items, so you are informed immediately if they are under threat. Make this information available for your abuse team. Between 10% and 15% of all attacks on service provider Infrastructure come from within your own network. In this case your abuse team can help mitigating the compromised hosts and lower the attack load immediately. In case of attacks from external networks, consider reporting these attacks back to the abuse desk of the originating network operator in order to give them a chance to clean up as well.
- Gain access to supplemental data: Today’s vulnerabilities lie in data and lack of access to relevant data. According to Computer World, “5 Gbits must be analyzed every second to detect cyber attacks, potential threats, and malware attributed to malicious hackers”. To ensure your abuse team has a comprehensive view of all abuse threats, make sure you can track who is connecting to your critical systems and what data they are downloading or uploading. Make sure you know which files are being accessed on your fileshare and what database queries are being run.
- Run the latest antivirus and malware software: Malware can lie dormant in your network for weeks before causing any damage. The best antimalware protection programs check data upon entry and constantly track files to ensure malware hasn’t become active once it is in your network. Offer the latest antivirus and anti-malware software to your subscribers so they can clean up their systems from their side.
Grow Your Business Through Effective Abuse Handling
Effective network abuse handling positions your service provider as an organization that cares about both your infrastructure and the service you’re offering to your customers. By protecting their infrastructure, you protect and build your own reputation.
A solution like AbuseHQ from Abusix will provide you with one easy-to-use platform that puts all your inbound network abuse, security reports, and actions in one place. Faster insights and improved data ensure your abuse team can quickly access insights that would normally be buried inside your network abuse reports, allowing you to take real-time, decisive action that improves your business service and customer safety.
For more information on how Abusix can help you resolve up to 99% of network abuse incidents, get in touch with a network abuse specialist today.