BANGALORE, INDIA: Each year, the threat landscape seems worse than before – almost to the point of being a cliché. Yet, security challenges continue to emerge, with changes in the technology landscape and evolving sophistication of attackers. One attack technique, though, continues to challenge organizations the world over and in India – the distributed denial of service (DDoS).
In fact, a recent Symantec report found that only one in two Indian critical infrastructure providers is prepared to deal with attempts to shut down or degrade their networks.
DDoS attacks continue to be a significant threat to organizations due to their ability to bring down critical information networks and cause financial damage. More significantly, DDoS attacks help the perpetrators make a statement. Since DDoS attacks can be launched from anywhere, harnessing the power of millions of zombie machines that are unknowingly brought into bot networks, it is also difficult to bring the attackers to justice.
DDoS attacks are an unfortunate reality for our digital world. However, there are many countermeasures available to prevent or minimize the effectiveness of a DDoS attack, such as SSL accelerators, additional hardware, clean pipe solutions, and more. It is also a very good idea to run malware scans and vulnerability assessments across your network to help protect your assets against a malware infection that could contribute to the effectiveness of an attack.
A truly effective DDoS attack often uses malware to take over an otherwise legitimate machine as a bot to help propagate the attack. DDoS attacks come in a variety of forms and aim at a variety of services. Symantec recently detected a new Trojan, Darkshell, which infects unprotected computers and harnesses them into an army of bots to enable attackers to perform DDoS attacks without the victim’s knowledge.
As cyber threats have an increasing impact on the business, CISOs play a critical role in ensuring a strategic approach to preventing and remediating risks. To reduce exposure to DDoS attacks and protect your computers and your information, the following measures are important:
A. Keep software up to date
Administrators should keep corporate images updated with the latest software versions. Many breach investigations show that DDoS occurred because of older, unpatched versions of software applications. Keeping software up to date helps reduce the attack surface and limits exposure to malware infections and information leakage. Consider security solutions that use standardization, workflow and automation for inventory, asset, and patch management.
B. Deploy comprehensive end-point security
A traditional signature-based antivirus product will only examine files as they sit on your system, and this type of product on its own is insufficient for protection in today’s threat landscape. Due to the polymorphic nature of the threats in attack toolkits for DDoS, a new approach to securing your desktops and endpoints is required. Deploy comprehensive end-point security that includes additional layers of protection, uses reputation-based security and is optimized for virtual environments.
C. Use a firewall
A well-configured firewall is able to prevent most attacks. Firewalls are one of the most important screening devices on a network. Even though they are targets themselves for DoS attacks, they are useful as a defense countermeasure in protecting an environment connected to a network.