With financial institutions underpinning whole economies, they are a choice vertical target for an impactful DDoS attack, which is the most common cyber-attack in the financial industry.
DDoS attacks typically flood online systems, such as internet banking sites or online trading platforms, with vast amounts of data in order to overload them and take services offline. They have the power to knock whole sites offline and are usually carried out by automated bots or programs.
Victims of such attacks in the past month include the British HSBC which was hit by a DDoS attack, which targeted its online personal banking services.
What is DDos?
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.
Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.
How DDoS Attacks Work:
In a DDoS attack, the incoming traffic flooding the victim originates from many different sources – potentially hundreds of thousands or more. This effectively makes it impossible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when spread across so many points of origin.
Types of DDoS Attacks
There are many types of DDoS attacks. Common attacks include the following:
- Traffic attacks: Traffic flooding attacks send a huge volume of TCP, UDP and ICPM packets to the target. Legitimate requests get lost and these attacks may be accompanied by malware exploitation.
- Bandwidth attacks: This DDos attack overloads the target with massive amounts of junk data. This results in a loss of network bandwidth and equipment resources and can lead to a complete denial of service.
- Application attacks: Application-layer data messages can deplete resources in the application layer, leaving the target’s system services unavailable.
How to protect your network
- Filtering: Routers at the edge of the network can be trained to spot and drop DDOS connections, preventing them from slowing the network or the server.
- Moving: If the attack is pointed at a specific IP address, the site’s IP can be changed. This is what the White House did before a nasty computer virus tried to DDOS its site.
- Blackholing: A host may simply “blackhole” a site that is being DDOSed, directing all traffic to it to an address that doesn’t exist. This is normally a last resort.
- Cloud Mitigation Provider:Cloud mitigation providers are experts at providing DDoS mitigation from the cloud. This means they have built out massive amounts of network bandwidth and DDoS mitigation capacity at multiple sites around the Internet that can take in any type of network traffic, whether you use multiple ISP’s, your own data center or any number of cloud providers. They can scrub the traffic for you and only send “clean” traffic to your data center.
The Security team at Anglo African will be pleased to assist you in reviewing some or all of your processes that you currently have or the challenges that you might be facing. Please contact us on: firstname.lastname@example.org or 2331636.