Prepare for the rise of DDoS attacks


Rajarshi Purkayastha, Head, Pre-Sales, India and MECAA, Tata Communications | Wednesday, 17 June 2020, 13:08 IST


The COVID-19 pandemic has kept enterprises and their IT teams busy finding quick and effective ways to run their business while protecting their customers, partners and employees. Where some industries have been heavily impacted, others are striving and making every effort to maintain business continuity and not let this pandemic affect their services.

Network, video conferencing, OTT services, online medical consultation, hospital connectivity and communication – these critical services have never been more important than they are today – enabling businesses and essential services to function at a crucial time as people around the world try to find a semblance of normalcy through technology.

Protect what matters

Most governments have mandated organisations to have their employees work from home. There is a large section of employees across the world who now need virtual access to their corporate network and corporate assets to be able to do their jobs. But the reality is, many enterprises don’t have basic perimeter security in place such as protection against Distributed Denial of Service (DDoS) attacks.

Hackers have spotted their chance

Attackers are taking every opportunity to run DDoS ransomware attacks and/or DDoS attacks to overwhelm an organisation’s traffic and services, targeting critical workloads with the intent to disrupt operations across key industries like healthcare, government, BFSI and IT/ITeS enterprises. A DDoS attack against an organisation is relatively easy to start, and experts have estimated that running an attack can cost as little as $18 an hour using a cloud-based botnet of 1,000 desktops. For the targeted organisation, on the other hand, a DDoS attack can cost up to thousands or millions of dollars.

In the past month alone, there have been significant DDoS attacks on government bodies in the US and Australia and on hospitals in France and the Czech Republic. Clearly, no one is spared. The US Department of Health and Human Services (HHS) was hit with a massive DDoS attack. Hospitals in France and the Czech Republic – including those responsible for COVID-19 testing – were targeted by DDoS attacks which disrupted hospital systems. The Australian government announced that its online services portal, myGov, faced a significant DDoS attack which prevented users from accessing it for several hours. A food delivery service in Germany faced a bitcoin ransom attack which prevented it from providing food delivery services to people unable to go out. These aren’t random attacks. They are targeted DDoS attacks where hackers and cyber criminals are deliberately compromising essential services such as hospitals and healthcare systems.

Enterprises aren’t safe either as these attackers are well aware of the importance of maintaining services during this time and know when best to attack and demand ransom. As work-from-home measures and lockdowns continue globally in response to COVID-19, the cybersecurity situation may well worsen.

In this COVID-19 world, there are new realities that IT teams need to understand before preparing to deal with these DDoS attacks:

1. A trend of longer and more frequent DDoS attacks is being noted. Most attackers are not successful because of new techniques; they are successful because they are persistent.

2. Even with low-volume attacks, VPN and firewall resources can be exhausted easily.

3. SSL (Secure Sockets Layer) VPNs are vulnerable to SSL flood DDoS attacks.

4. UDP (User Datagram Protocol) flood attacks can easily overwhelm VPNs.

So, what’s the best defence? 

Here are a few tips for you to stay safe:

· Understand the warning signs: Most DDoS attacks start as sudden spikes in traffic, and it’s recommended to check your network configurations regularly and watch out for legitimate and illegitimate traffic on your network

· Make your user-based access controls robust by provisioning for more bandwidth than needed. Keep regular checks on the servers hosting your most important data. A second or third server will help offload the extra data in case of an attack on the main server

· Ensure your firewalls and routers are in modes that will prevent denial of service attacks. Enable SIP-based signatures on the firewall and set them to block. If you are not using SIP services, then consider blocking the necessary ports at your perimeter

· Make use of DDoS detection programmes that will help detect a possible attack and activate a lockdown for your systems before they are attacked

· Organisations should look to partner with service providers who are not only able to offer multi-layer cloud-based protection but who also enable real-time detection and mitigation, protecting critical assets using cloud signalling to raise an alarm during a volumetric attack. These service providers can help fix the gaps in your security strategy and ensure you stay current with new solutions and technology
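The "sudden spike" warning sign and the earlier point that low-volume floods can exhaust VPN resources can be checked with a per-metric baseline, shown here as an added example that is not code from the article or its author. The metric names, thresholds and per-minute sample values are constructed assumptions for a hypothetical SSL VPN gateway.

```python
from dataclasses import dataclass
from math import sqrt

@dataclass
class Baseline:
    mean: float
    var: float = 0.0

def detect_spikes(samples, alpha=0.2, k=4.0, warmup=5, min_dev_ratio=0.1):
    """samples: [(minute, {metric: rate})] -> [(minute, metric, rate, baseline)]."""
    baselines, alerts = {}, []
    for i, (minute, metrics) in enumerate(samples):
        for name, rate in metrics.items():
            b = baselines.get(name)
            if b is None:
                baselines[name] = Baseline(mean=float(rate))
                continue
            # Floor the deviation so a very flat baseline does not alert on noise.
            dev = max(sqrt(b.var), min_dev_ratio * b.mean)
            if i >= warmup and rate > b.mean + k * dev:
                alerts.append((minute, name, rate, round(b.mean)))
                continue  # freeze the baseline: never learn from flood traffic
            diff = rate - b.mean
            b.mean += alpha * diff                      # EWMA of the rate
            b.var = (1 - alpha) * (b.var + alpha * diff * diff)
    return alerts

# Constructed sample: UDP packets/s and TLS handshakes/s seen at the gateway.
SAMPLES = [
    ("13:00", {"udp_pps": 1000, "tls_handshakes_ps": 40}),
    ("13:01", {"udp_pps": 1040, "tls_handshakes_ps": 42}),
    ("13:02", {"udp_pps": 980,  "tls_handshakes_ps": 38}),
    ("13:03", {"udp_pps": 1010, "tls_handshakes_ps": 41}),
    ("13:04", {"udp_pps": 990,  "tls_handshakes_ps": 39}),
    ("13:05", {"udp_pps": 1020, "tls_handshakes_ps": 43}),
    ("13:06", {"udp_pps": 1005, "tls_handshakes_ps": 400}),  # handshake flood starts
    ("13:07", {"udp_pps": 995,  "tls_handshakes_ps": 420}),
    ("13:08", {"udp_pps": 9000, "tls_handshakes_ps": 410}),  # UDP flood joins
    ("13:09", {"udp_pps": 1000, "tls_handshakes_ps": 41}),
]

if __name__ == "__main__":
    for minute, metric, rate, base in detect_spikes(SAMPLES):
        print(f"{minute} {metric}: {rate}/s against baseline ~{base}/s")
```

Tracking handshakes separately from packet rate is what lets the 13:06 flood show up while UDP volume still looks normal; freezing the baseline during an alert keeps a persistent attack flagged instead of letting it become the new normal.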

Are you prepared?

Many enterprises are quickly realising that while they may be behind the curve when it comes to remote preparedness, now is the time to act and address vulnerabilities in their security. Whether it’s achieved through internal resources or in partnership with a managed security services provider, those companies that tighten up their perimeters before it’s too late are the ones who will fare best in the coming weeks and months of this fast-developing situation.
