Strategies and Techniques to Thwart DDoS Attacks
Distributed Denial-of-service (DDoS) attack exploits security loopholes in a network to bring down the system by flooding it with unnecessary traffic. Cyber attackers are adopting sophisticated Distributed DoS attack (DDoS) where multiple compromised machines are used to launch the attack. Kaspersky Lab, a security company, recently mentioned in its DDoS Intelligence Report for Q2 2016 report about the shutdown of crypto-currency wallet providers, CoinWallet and Coinkite, due to frequent DDoS attacks on their servers.
The DDoS Attack
Cyber security experts have developed software to limit the damages of a DoS attack, but still, hackers are capable enough to open a new gate once the old one closes. According to the ddosattacks.net, the results of a survey last month suggest that 80 percent of IT security professionals believe that their organization will be threatened with a DDoS attack in the coming 12 months.
Recent studies also revealed that DDoS attacks are being used as a precursor to ransomware attacks. A survey carried out by the Kaspersky Lab and B2B International has demonstrated that in almost 75 percent of attack incidents, DoS attacks coincided with other IT security incidents. They also found that 77.4 percent of targeted attack resources this year were located in China.
Identification and Precaution
Unlike other cyber attacks, tracking a DDoS attack is not easy. The increasing sophistication of the DoS attacks can escape the radar undetected by the DDoS mitigation systems. However, abnormally slow network performances, odd website unresponsiveness and remarkable increase of spam can be in account of a cyber attack.
While an attack is traced, the finest security strategies to tackle the situation are patching the security flaws, running an intrusion prevention system and updating the firewall systems. Moreover, keeping a watch on the TCP/IP stack is also important. Setting up an Intrusion Detection System that is resistant to DoS attacks may also help in preventing DoS attacks.
As part of the best practice, always maintain a hardcopy of audit trail of the network that describes all the structure and updates in the network infrastructure. Another best practice is to keep users aware about the network, the initial procedures to identify traces and emergency practice to follow when an attack is detected. Google Ideas and Arbor Networks collaboratively introduced the Digital attack Map that displays the live graph of DoS attacks against websites around the world. The tool contains attack traffic data helping users explore historic trends and find reports of outages happening daily.
The DoS Intelligence system by Kaspersky Labs is designed to intercept and analyze commands sent to bots from command and control (C&C) servers. The application gathers data to identify threats and initiate security even before the user devices are infected.
Several DoS prevention systems like Cloudflare, F5 Networks Silverline, Arbor networks, and Cisco DoS solutions are effective in securing networks against such attacks. The Cisco solution developed with active mitigation potentials claims to offer complete protection against all types of DDoS attacks. The system can efficiently detect attacks and separate malicious traffic from legitimate traffic.
While technology is evolving, numerous mechanisms to defend DoS attacks are being developed. The remedy to be safe from DDoS attacks is to set up a DDoS mitigation system that can detect and prevent them. However, despite the security parameters implemented, the uniqueness of DDoS attacks still remains a torment to the network administrators.