Strategies and Techniques to Thwart DDoS Attacks
A Distributed Denial-of-Service (DDoS) attack exploits security loopholes in a network to bring down a system by flooding it with unnecessary traffic. Attackers are increasingly adopting sophisticated DDoS attacks, in which multiple compromised machines are used to launch the attack. Kaspersky Lab, a security company, recently reported in its DDoS Intelligence Report for Q2 2016 the shutdown of the crypto-currency wallet providers CoinWallet and Coinkite due to frequent DDoS attacks on their servers.
The DDoS Attack
Cyber security experts have developed software to limit the damage of a DoS attack, but attackers remain capable of opening a new gate once the old one closes. According to ddosattacks.net, the results of a survey last month suggest that 80 percent of IT security professionals believe that their organization will be threatened with a DDoS attack in the coming 12 months.
Recent studies also revealed that DDoS attacks are being used as a precursor to ransomware attacks. A survey carried out by Kaspersky Lab and B2B International has demonstrated that in almost 75 percent of attack incidents, DoS attacks coincided with other IT security incidents. They also found that 77.4 percent of targeted attack resources this year were located in China.
Identification and Precaution
Unlike other cyber attacks, a DDoS attack is not easy to track. Increasingly sophisticated DoS attacks can go undetected by DDoS mitigation systems. However, abnormally slow network performance, unusual website unresponsiveness and a marked increase in spam can be on account of a cyber attack.
When an attack is traced, the best security strategies for tackling the situation are patching security flaws, running an intrusion prevention system and updating firewall systems. Keeping a watch on the TCP/IP stack is also important. Setting up an Intrusion Detection System that is resistant to DoS attacks may also help in preventing DoS attacks.
As a best practice, always maintain a hard copy of the network's audit trail, describing the structure of the network infrastructure and all updates to it. Another best practice is to keep users informed about the network, the initial procedures for identifying traces of an attack and the emergency practice to follow when an attack is detected. Google Ideas and Arbor Networks collaboratively introduced the Digital Attack Map, which displays a live graph of DoS attacks against websites around the world. The tool contains attack traffic data, helping users explore historic trends and find reports of outages happening daily.
The DoS Intelligence system by Kaspersky Lab is designed to intercept and analyze commands sent to bots from command and control (C&C) servers. The application gathers data to identify threats and initiate security even before user devices are infected.
Several DoS prevention systems, such as Cloudflare, F5 Networks Silverline, Arbor Networks and Cisco DoS solutions, are effective in securing networks against such attacks. The Cisco solution, developed with active mitigation capabilities, claims to offer complete protection against all types of DDoS attacks. The system can efficiently detect attacks and separate malicious traffic from legitimate traffic.
As technology evolves, numerous mechanisms to defend against DoS attacks are being developed. The remedy for staying safe from DDoS attacks is to set up a DDoS mitigation system that can detect and prevent them. However, despite the security measures implemented, the uniqueness of DDoS attacks remains a torment for network administrators.