Dealing with increasingly frequent DDoS attacks
More than ever, companies are dependent on the availability of their internet connectivity. Without access to the internet, most organisations are unable to function and are exposed to significant losses.
Everyone should be aware of the importance of this issue and it is important that everyone protects themselves against DDoS (distributed denial of service) attacks. These are threats that are precisely aimed at isolating an organisation from the internet, by sending it a greater volume of traffic than its systems or the lines giving it access to the internet are capable of absorbing. Such attacks can also result in a large flow of requests being sent to an application in order to crash it.
The many consequences of a DDoS attack
By generating and directing fake internet traffic to an IP address, an attacker can easily paralyse an entire company.
As the lines and systems are saturated, it is impossible to send or receive an e-mail or make a phone call, as telephone communications now pass through the internet.
A DDoS attack may also result in a loss of income. For an e-commerce website, a volumetric attack will prevent legitimate customers from accessing the service and carrying out transactions from the company’s website or app. Such attacks, which are particularly visible if the company is heavily exposed to the internet, could damage an organisation’s reputation, undermining users’ trust.
Increasingly frequent DDoS attacks
As the number of smart objects multiplies, it has never been easier to set up a DDoS attack. Malicious operators have made a lucrative business out of it, offering anyone the opportunity, in exchange for a few euros, to direct a somewhat significant volume of fake traffic towards the target of their choice. These cyber criminals have taken the trouble to compromise resources around the world, from which they can generate and direct fake requests to the IP addresses of target companies.
The number of DDoS attacks in Luxembourg is growing. If their purpose is to harm or disrupt an organisation’s activity for a period of time, a ransom request may be sent. They often also conceal multi-vector attacks. While a company is contending with a massive flow of traffic, attackers exploit other ways of stealing or modifying the integrity of data.
How should DDoS attacks be dealt with?
Businesses and institutions must take steps to protect themselves, given the growing capacity of cyber criminals to send them massive volumes of fake traffic. The challenge is to stop malicious traffic as far upstream as possible, well before it saturates the company’s means of internet access. Companies must therefore work with their internet service providers, such as POST, opting for a traffic mitigation service in case of a DDoS attack.
Based on an initial traffic analysis, POST’s teams will be able to define what constitutes legitimate traffic for an organisation. From this starting point, flows may be monitored with a view to detecting any attacks. In the event of an alert or anomaly, the customer is notified and the traffic can then be redirected to POST’s scrubbing centre in Luxembourg. This is infrastructure that will be able to separate legitimate traffic from fake traffic. The solution allows customers to continue operating without suffering an onslaught of attacks, as malicious traffic is blocked before it reaches the customer’s infrastructure and applications.
Is your internet access slower? You may be under attack
The solution shows that many customers experience DDoS attacks without necessarily realising it. Not all such attacks go as far as saturating a company’s means of internet access. They can significantly reduce the level of connectivity, causing a slowdown or disruptions in the functioning of online operations. If your connection seems slower, this may be a sign of an attack.
For some companies, internet connectivity is a strategic issue. POST offers such companies the possibility of constantly passing all of their traffic through its scrubbing centre. This means that they never feel the effects of a DDoS attack.
Other articles in the category Cybersecurity
12 July 2022