Organisations have to regularly upgrade their defences against Distributed Denial of Service (DDoS), a growing cyber attack that cripples online services through overwhelming Internet traffic, Kalu Udonsi, IT Auditor at Union Bank of Nigeria PLC, has alerted Corporate Nigeria.
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources, Udonsi told a technology security forum in Lagos.
According to the bank technology security expert, DDoS attacks now target a wide variety of important resources ranging from banks to news websites and they now present a major challenge to online access to critical Internet information.
Udonsi, the IT Auditor at Union Bank of Nigeria, in his technical presentation on “How to Defend against DDoS Attacks”, delivered at the June meeting of the Information Security Society of Africa-Nigeria (ISSAN), explains that a DDoS attack is an advanced form of denial-of-service (DoS) attack in which the attacking agents are distributed over huge networks like the Internet.
DDoS attacks have become prevalent for reasons ranging from extortion through threat of DDoS attacks; anti-competitive business practices; punishment for undesired actions; expression of anger and criticisms, self-induced and sometimes, for no apparent reason at all.
Udonsi says that DDoS attacks have become a frequent mode of cyber attack, citing the latest report by online security company Verisign, which showed that in the final quarter of 2015, DDoS attacks globally rose by 85% compared with the previous year. Compared with the third quarter of 2015, they rose by 15%.
Also, research by technology security company Kaspersky suggests that around a third of all DDoS attacks coincide with a network intrusion, which can lead to loss of sensitive data, he adds.
According to the Union Bank IT Auditor, measures being taken to defend organisations against DDoS attacks have now become one of the most frequent on the Internet in recent times.
“Fortunately, there are some simple defensive tactics available, all of which make a network less vulnerable to DDoS disruption”, he says, adding that one way to defend against DDoS attacks is to divide the network into discrete segments. With public and internal systems separated from each other, each layer can be protected by a separate firewall that limits the number of new connections being set up, while managing load balancing and bandwidth. Considering packet scrubbing services will also be useful.
“These are all well-established defensive measures, which many organisations may already have in place as part of their overall information security posture. After all, network segmentation isn’t just good practice from a DDoS defense point of view, it also protects the network against damaging APT (Advanced Persistent Threat) attacks, for example”, Udonsi told the technology forum.
As DDoS attacks continue to proliferate, it becomes clearer that organisations need additional defensive measures against them, he says.
Talking about additional defensive measures, Udonsi says that ‘Do it Yourself’ steps could include someone writing Python scripts that try to filter out the bad traffic, or an enterprise trying to use its existing firewalls to block the traffic.
Specialised on-premises equipment, Internet Service Provider (ISP) and cloud mitigation providers are some of the other main types of protection that could keep DDoS attacks at bay, according to him.
Udonsi expects DDoS attacks to continue for the foreseeable future as long as “unpatched systems remain online and easy-to-deploy DDoS tools exist.”
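The firewall limit on new connections and the do-it-yourself Python filter mentioned in the talk both come down to counting new connections per source over a sliding window. The sketch below is an added example, not code from the presentation; the thresholds, the class and function names, and the sample events are constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (timestamp_seconds, source_ip) for each new
# connection attempt. Addresses come from documentation ranges (RFC 5737).
SAMPLE_EVENTS = (
    [(0.1 * i, "203.0.113.7") for i in range(40)]      # 40 attempts in 4 s
    + [(1.0 * i, "198.51.100.23") for i in range(10)]  # 1 attempt per second
    + [(0.5, "192.0.2.50"), (6.0, "192.0.2.50")]       # occasional visitor
)


class NewConnectionLimiter:
    """Sliding-window limit on new connections per source address."""

    def __init__(self, max_new, window_s, block_s):
        self.max_new = max_new      # new connections allowed per window
        self.window_s = window_s    # window length in seconds
        self.block_s = block_s      # how long an offender stays blocked
        self.recent = defaultdict(deque)   # source -> accepted timestamps
        self.blocked_until = {}            # source -> time the block ends

    def allow(self, ts, src):
        """Return True if the connection from src at time ts is accepted."""
        if self.blocked_until.get(src, 0.0) > ts:
            return False
        q = self.recent[src]
        while q and ts - q[0] >= self.window_s:   # drop expired entries
            q.popleft()
        if len(q) >= self.max_new:                # over the limit: block
            self.blocked_until[src] = ts + self.block_s
            q.clear()
            return False
        q.append(ts)
        return True


def replay(events, max_new=10, window_s=5.0, block_s=30.0):
    """Replay events in time order; return (accepted, dropped) per source."""
    limiter = NewConnectionLimiter(max_new, window_s, block_s)
    accepted, dropped = defaultdict(int), defaultdict(int)
    for ts, src in sorted(events):
        (accepted if limiter.allow(ts, src) else dropped)[src] += 1
    return dict(accepted), dict(dropped)


if __name__ == "__main__":
    ok, bad = replay(SAMPLE_EVENTS)
    for src in sorted(ok):
        print(f"{src}: accepted={ok[src]} dropped={bad.get(src, 0)}")
```

Because the limit is applied per source, a flood spread across many addresses that each stay under the threshold passes untouched, so a filter like this is only one layer among the measures described here.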
He advises that there is a need for multiple layers of filtering to be able to keep up with the latest threats.
“Large companies need to constantly upgrade their DDoS flood defences because some approaches that worked just a few years ago are now basically useless,” he adds, noting that cloud mitigation providers have become the “logical choice” for enterprises’ DDoS protection needs.
“They are the most cost effective and scalable solution to keep up with the rapid advances in DDoS attacker tools and techniques,” Udonsi says.