Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are increasingly becoming a problem for organizations worldwide.
A DoS attack attempts to damage the availability of online services. It is accomplished by flooding a target host, network, or service with traffic until the target cannot respond or crashes, which ends up blocking access for legitimate users. A DDoS attack behaves similarly, with the difference that the incoming traffic comes from multiple sources, mostly bots, which flood the network with signals over and over again, making it impossible to stop the attack by blocking a single source.
Although DoS and DDoS attacks are often used against large businesses and banks, they can happen to anyone, even if the company is small or relatively unknown.
This week CISA and NCSC have shared a list of best practices on how to prevent and respond to DoS and DDoS. Let’s review it!!
How to prepare and prevent DoS
- Carefully establish a plan or security strategy.
- Determine business-critical functionalities, how to maintain them, and set priorities.
- Identify what functionality can be offline while under a DoS attack.
- Review Service Provider’s prevention and mitigation strategies.
- Discuss with service providers extra costs, pre-approved actions, and prevention arrangements such as blocking malicious traffic as far upstream as possible.
- Establish an additional communication channel for a service provider
- Partition critical online services
- Prepare a static version of the website to facilitate continuity of the service.
- Use a denial-of-service attack mitigation service. Implement Intrusion Detection Systems, firewalls, VPN, load balancing.
How to respond to DoS
- Service Provider is your first call. Discuss their ability to implement any responsive actions and their cost.
- Activate countermeasures such as ACLs and limiting the number of concurrent application connections (rate limiting).
- Temporarily transfer online services to cloud-based hosting.
- Closely monitor attack progression using the denial-of-service attack mitigation tools and services.
- Disable or remove content that enables the current denial-of-service attack.
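The ACL and concurrent-connection countermeasures from the list above, sketched as an added example that is not part of the CISA/NCSC guidance or the original post. The class name, the limits, and the documentation-range addresses are assumptions chosen for illustration.

```python
import ipaddress
from collections import Counter

class ConnectionGate:
    """Admission control: ACL first, then per-source and global concurrency caps."""

    def __init__(self, deny_cidrs, per_source_limit, global_limit):
        self.deny = [ipaddress.ip_network(c) for c in deny_cidrs]
        self.per_source_limit = per_source_limit
        self.global_limit = global_limit
        self.active = Counter()   # source IP -> currently open connections
        self.total = 0

    def try_accept(self, src):
        """Return 'accepted' or the reason the connection was refused."""
        addr = ipaddress.ip_address(src)
        if any(addr in net for net in self.deny):
            return "denied-acl"
        if self.active[src] >= self.per_source_limit:
            return "denied-per-source"
        if self.total >= self.global_limit:
            return "denied-global"
        self.active[src] += 1
        self.total += 1
        return "accepted"

    def release(self, src):
        """Call when a connection closes so the slot is returned."""
        if self.active[src] > 0:
            self.active[src] -= 1
            self.total -= 1
            if self.active[src] == 0:
                del self.active[src]

def simulate():
    # Constructed sample: documentation-range addresses, not real traffic.
    gate = ConnectionGate(["203.0.113.0/24"], per_source_limit=3, global_limit=5)
    attempts = (["198.51.100.7"] * 6       # one noisy source
                + ["203.0.113.9"] * 2      # source inside the blocked range
                + ["192.0.2.10", "192.0.2.11", "192.0.2.12"])  # ordinary clients
    outcome = Counter(gate.try_accept(ip) for ip in attempts)
    gate.release("198.51.100.7")           # a slot frees up when a connection closes
    outcome["after-release"] = gate.try_accept("192.0.2.12")
    return dict(outcome)
```

The per-source cap keeps one noisy client from consuming every slot, while the global cap still refuses an ordinary client once the service is saturated, which is the signal to escalate to upstream filtering.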
Find out more about DDoS attacks: Understanding Denial-of-Service Attacks – The Cybersecurity and Infrastructure Security Agency (CISA) security tips.
Allari implements customized service plans for IT Operations & Cyber-security which allow you to complete a higher volume of planned work, gain the capacity to innovate and help your business to win.