With the current crisis in Ukraine increasing the focus on attacks against government systems, it is critical to continue to ensure that your systems and networks remain secure against threats, both internal and external.
One of the main tools currently being employed to disable computer systems is the Distributed Denial of Service (DDoS) attack. But what exactly is a DDoS attack? And what makes it an effective tool for hackers?
In computing, a Denial of Service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a system or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of Service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some, or all, legitimate requests from being fulfilled.
In a DDoS attack, the incoming traffic flooding the victim's machine originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.
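The difference between the two cases can be seen by applying a simple per-source block to one window of request data. The following is an added example, not part of the original article; the capacity, the limits, and the source addresses (taken from documentation ranges) are constructed assumptions.

```python
from collections import Counter

CAPACITY = 300  # assumed: requests per window the service can absorb

def build_window(flood_sources, requests_each):
    """Constructed sample window: 20 legitimate clients (5 requests each)
    plus a flood. Each list element is the source IP of one request."""
    legit = [f"192.0.2.{i}" for i in range(1, 21) for _ in range(5)]
    flood = [src for src in flood_sources for _ in range(requests_each)]
    return legit + flood

def block_by_source(requests, limit):
    """Drop every source that sent more than `limit` requests in the window
    and report what still reaches the service."""
    counts = Counter(requests)
    blocked = {src for src, n in counts.items() if n > limit}
    remaining = sum(n for src, n in counts.items() if src not in blocked)
    return {
        "total": len(requests),
        "sources": len(counts),
        "blocked": len(blocked),
        "legit_blocked": sum(src.startswith("192.0.2.") for src in blocked),
        "remaining": remaining,
        "overloaded": remaining > CAPACITY,
    }

# DoS: a single host sends 800 requests in the window.
DOS_WINDOW = build_window(["198.51.100.7"], 800)
# DDoS: the same 800 requests spread over 200 hosts, 4 requests each.
DDOS_WINDOW = build_window([f"203.0.113.{i}" for i in range(1, 201)], 4)

dos = block_by_source(DOS_WINDOW, limit=50)         # one block ends the flood
ddos = block_by_source(DDOS_WINDOW, limit=50)       # no source stands out
ddos_strict = block_by_source(DDOS_WINDOW, limit=3) # catches bots and users alike

if __name__ == "__main__":
    for name, r in (("DoS", dos), ("DDoS", ddos), ("DDoS, limit=3", ddos_strict)):
        state = "overloaded" if r["overloaded"] else "within capacity"
        print(f"{name}: {r['total']} requests, {r['sources']} sources, "
              f"{r['blocked']} blocked ({r['legit_blocked']} legitimate), "
              f"{r['remaining']} remain, {state}")
```

In the distributed case each flooding host sends fewer requests than a legitimate client, so any per-source limit low enough to catch the flood also cuts off every real user.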
According to Verizon's latest Data Breach Investigation report, "DDoS is the most common attack across incidents. However, don't let this volume concern you, as this is often one of the easiest threats to mitigate effectively."
This report showed that there were 14,335 incidents that included DDoS from 2016 to 2020. However, most of these incidents only resulted in the slowing down of services and system performance.
First, you should determine what DDoS mitigation may already be in place. A good place to start is with your Internet Service Provider (ISP).
Also from the Verizon Data Breach Investigation report,
"One reason DDoS attacks aren’t more of a threat is that those packets have to cross a lot of internet to get to you. DDoS is getting blocked at various places, from Internet Service Providers at the start of the trip, to Autonomous System Numbers (ASNs) in the middle, to Content Delivery Networks (CDNs) that your site might sit behind. All have a hand in mitigating the attack."
So, the first step should be to reach out to your ISP to determine if they are providing DDoS mitigation. This may be an additional service, so it is important to check now and get ahead of the problem before it occurs.
There are other ways to protect your systems and networks from DDoS attacks, including having multiple Domain Name System (DNS) providers and multiple ISPs.
Some of the solutions that Data Networks provides for our customers include:
Data Networks offers many different customized solutions to boost your cybersecurity and keep your systems safe from attacks.
Other methods should be employed in your existing perimeter solutions as well. Some important ways to protect yourself are ensuring all external services are disabled whenever possible and continually applying security patches, firmware updates, and software updates on your perimeter equipment and systems.
Finally, you should always follow vendor-recommended security configurations and perform regular assessments of your internal and external networks and systems.