
DDoS attacks are the new cyber Boogeyman (II)

Defeat your enemy: the DDoS Post-Apocalypse

A study conducted by Cisco on the threats facing the Internet indicates that the total number of DDoS attacks in 2020 will be 17 million (compared with the current 6.6 million). This is a second predictive statistic of the zombie cyber-apocalypse. The current context therefore obliges us to change our view of the cyber-threat landscape. Attackers who favor DDoS no longer discriminate among their victims: whether you are a banking entity or an international journal, the mechanics are the same, and they push companies towards implementing anti-DDoS measures.

First of all, it is essential to include the threat posed by DDoS attacks in your incident response plan and to detail the procedure to follow if one occurs. These procedures must be rehearsed once or twice a year (much like fire drills) to ensure they are well mastered; everyone will agree that reading the instruction manual for a fire extinguisher after the fire is of little use.

Meanwhile, establish a precise inventory of your own network infrastructure. To identify DDoS attacks more quickly, you must first know the load your network carries under normal conditions; only then can you move on to monitoring weak signals, that is, deviations from that baseline. For example, if your company does not expect heavy traffic from an Asian region, such traffic may be an indicator of suspicious behavior.
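The baseline-then-deviation approach described above, as an added example that is not part of the original article. It builds a per-region profile (mean and standard deviation of requests per minute) from ten quiet minutes of constructed sample counts and flags the current minute when a region exceeds its own profile by a large margin; the region labels, counts and thresholds are all assumptions chosen for illustration.

```python
import statistics

# Constructed sample data (not from the article): requests per minute observed
# at the network edge, grouped by source region. Region labels are hypothetical;
# a real deployment would derive them from a GeoIP lookup on flow records.
# Ten "quiet" minutes form the baseline the article says you must know first.
BASELINE = {
    "EU": [120, 118, 125, 130, 122, 119, 127, 124, 121, 126],
    "NA": [80, 85, 78, 82, 90, 84, 79, 88, 83, 81],
    "AS": [5, 4, 6, 5, 3, 5, 4, 6, 5, 4],
}

# The minute under examination: Asia, normally a trickle, suddenly sends 950 req/min.
CURRENT_MINUTE = {"EU": 128, "NA": 86, "AS": 950}


def build_profile(history):
    """Return {region: (mean, stddev)} of per-minute request counts."""
    return {
        region: (statistics.fmean(counts), statistics.pstdev(counts))
        for region, counts in history.items()
    }


def detect_deviations(profile, current, sigma=3.0, min_abs=50):
    """Flag regions whose current count deviates from their own baseline.

    A region is reported when its count exceeds mean + sigma * stddev AND the
    absolute excess is at least min_abs requests, so a low-volume region going
    from 5 to 9 req/min does not page anyone, while 5 -> 950 does.
    Regions with no baseline at all are reported separately: traffic from a
    region you never see is itself a weak signal worth a look.
    """
    alerts = []
    for region, observed in current.items():
        if region not in profile:
            alerts.append((region, observed, "no baseline for this region"))
            continue
        mean, sd = profile[region]
        # The floor of 1.0 stops a perfectly flat baseline from yielding threshold == mean.
        threshold = mean + sigma * max(sd, 1.0)
        excess = observed - mean
        if observed > threshold and excess >= min_abs:
            alerts.append((region, observed,
                           f"{observed} req/min vs baseline {mean:.1f} "
                           f"(+{excess:.0f}, {observed / mean:.0f}x)"))
    return alerts


if __name__ == "__main__":
    for region, observed, reason in detect_deviations(build_profile(BASELINE), CURRENT_MINUTE):
        print(f"ALERT region={region} observed={observed}: {reason}")
```

The absolute-excess guard matters in practice: a pure z-score test on a region that normally sends five requests a minute would alert on noise, whereas a region that normally sends nothing and suddenly sends hundreds is exactly the weak signal the article describes.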

The main principle of an identified risk is to ensure that it does not occur. Various solutions can be implemented to mitigate DDoS attacks, and there are even technical means meant to prevent them altogether. Better safe than sorry, right? In the case of DDoS attacks there are really not that many options besides prevention, since no tool is currently able to block these incidents completely. As such, we are obliged to know and understand the recommended best practices and to react effectively when deploying them.

Tools such as firewalls and load balancers (filtering at the network border) are the infrastructure's first line of defense against DDoS. In some cases they can help absorb DDoS attacks that generate relatively low traffic. These solutions rely on specific traffic filtering and can also limit the number of requests per source IP address. Nonetheless, filtering rules can be difficult to define, and we must be aware that a simple firewall cannot thwart a DDoS attack (read our previous article on the limitations of a firewall).

Organizations can also employ DDoS-specific filtering equipment which, in addition to its whitelist and blacklist filtering functions, can create rules based on source geolocation, limit the number of requests over time (for a web page), and even define the alerting process (an alert is sent out based on the number of requests per second or the bandwidth in use).
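The three mechanisms just listed (whitelist/blacklist filtering, a per-source request limit over time, and alerts driven by requests per second or bandwidth) combined in one small edge filter, as an added example that is not the article's or any vendor's code. It runs a constructed request stream through a sliding-window limiter; the list entries, limits and thresholds are assumptions chosen so that the sample triggers each path once.

```python
from collections import defaultdict, deque

# Constructed request stream (not from the article): (unix time in seconds,
# source IP, response bytes). Addresses come from the RFC 5737 documentation
# ranges and stand in for whatever your edge actually logs.
REQUESTS = [
    (1000.0, "203.0.113.10", 1_000),
    (1000.1, "203.0.113.10", 1_000),
    (1000.2, "203.0.113.10", 1_000),
    (1000.3, "203.0.113.10", 1_000),   # 4th hit from the same IP inside one second
    (1000.4, "203.0.113.20", 5_000),
    (1000.5, "192.0.2.99",   1_000),   # on the blacklist
    (1000.6, "198.51.100.5", 1_000),   # on the whitelist (e.g. your own monitoring probe)
    (1000.7, "203.0.113.30", 8_000),
    (1000.8, "203.0.113.40", 8_000),
    (1001.5, "203.0.113.10", 1_000),   # a second later the first IP's window has expired
]

WHITELIST = {"198.51.100.5"}   # never rate-limited (hypothetical entry)
BLACKLIST = {"192.0.2.99"}     # always dropped (hypothetical entry)


class EdgeFilter:
    """Per-source sliding-window limiter plus global req/s and bytes/s alerting."""

    def __init__(self, per_ip_limit=3, window=1.0, alert_rps=6.0, alert_bps=20_000.0):
        self.per_ip_limit = per_ip_limit   # max admitted requests per IP per window
        self.window = window               # window length in seconds
        self.alert_rps = alert_rps         # alert when admitted req/s exceeds this
        self.alert_bps = alert_bps         # alert when admitted bytes/s exceeds this
        self.per_ip = defaultdict(deque)   # ip -> admit timestamps inside the window
        self.admitted = deque()            # (timestamp, bytes) of all admitted requests
        self.alerts = []                   # (timestamp, kind, value), raised on transition only
        self.alarm = {"rps": False, "bandwidth": False}

    def _expire(self, dq, now, stamp=lambda entry: entry):
        cutoff = now - self.window
        while dq and stamp(dq[0]) < cutoff:
            dq.popleft()

    def admit(self, ts, ip, nbytes):
        """Return 'drop', 'limit' or 'allow' for one request and update alert state."""
        if ip in BLACKLIST:
            return "drop"
        if ip not in WHITELIST:
            recent = self.per_ip[ip]
            self._expire(recent, ts)
            if len(recent) >= self.per_ip_limit:
                return "limit"
            recent.append(ts)
        # Global load is measured on admitted traffic only: limited and dropped
        # requests never reach the origin, so they should not drive its alerts.
        self.admitted.append((ts, nbytes))
        self._expire(self.admitted, ts, stamp=lambda entry: entry[0])
        rps = len(self.admitted) / self.window
        bps = sum(b for _, b in self.admitted) / self.window
        self._check("rps", rps, self.alert_rps, ts)
        self._check("bandwidth", bps, self.alert_bps, ts)
        return "allow"

    def _check(self, kind, value, threshold, ts):
        """Raise one alert when a threshold is first crossed; clear when it recovers."""
        exceeded = value > threshold
        if exceeded and not self.alarm[kind]:
            self.alerts.append((ts, kind, value))
        self.alarm[kind] = exceeded


def run(requests, filt=None):
    """Feed a request stream through the filter; return (decisions, alerts)."""
    filt = filt or EdgeFilter()
    decisions = [filt.admit(ts, ip, nbytes) for ts, ip, nbytes in requests]
    return decisions, filt.alerts


if __name__ == "__main__":
    decisions, alerts = run(REQUESTS)
    for (ts, ip, _), verdict in zip(REQUESTS, decisions):
        print(f"{ts:8.1f} {ip:<14} {verdict}")
    for ts, kind, value in alerts:
        print(f"ALERT at {ts}: {kind} = {value:.0f}")
```

Alerts fire on the transition into the exceeded state rather than on every request, which keeps a sustained attack from flooding the on-call channel with one message per packet; note also that the whitelisted probe is exempt from the per-IP limit but still counts toward the global load figures, since the origin has to serve it either way.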

ITrust, a cybersecurity expert, offers companies the opportunity to turn on the light in their networks and confine the cyber Boogeyman to its dark corner once and for all. Our team goes beyond merely processing IT incidents and provides companies with a managed Security Operations Center (SOC). Our SOC engineers use the latest technology (read our article on Reveelium, a behavioral analysis tool), capable of analyzing, storing and monitoring in real time the security level of your servers, routers, applications, databases and websites. This ability to understand and analyze the observable events occurring within an information system plays a vital role in detecting DDoS attacks and in building a network vulnerability remediation plan to prevent such incidents in the future.

Link:

https://www.reveelium.com/en/ddos-attacks-the-cyber-boogeyman-part-ii/