
A Distributed Denial of Service (DDoS) is a cyber attack that causes a website or online service to crash and become unavailable for a certain amount of time. These attacks use multiple compromised systems to target a single website, causing a denial of service for users of the affected site.

DDoS attacks are known to affect a wide variety of institutions and other prominent internet sources, such as financial institutions and online news sources, among many others. Just last week, authorities added a Mexican political party’s website to the growing list of sources affected by a DDoS attack.

In the midst of the recent final presidential debates for the upcoming Mexican presidential elections, a DDoS cyber attack hit the website of the National Action Party (PAN). The DDoS attack caused the website to remain down for several hours.

The cyber attack happened a few moments after PAN’s presidential candidate Ricardo Anaya showed a placard containing the website link. In a statement, PAN said that “185,000 visits were registered within 15 minutes, with the attacks coming mainly from Russia and China.”

However, cybersecurity experts noted that the countries where the most traffic was generated could be unrelated to the true source of the attack and could have been used just to create confusion and diversion. Although cybersecurity experts could not determine who was behind the attack, it has already stirred up discussion about how cyber threats like DDoS can jeopardize the security not just of high-profile sites but of elections as well.

In a DDoS attack, the incoming traffic that floods the targeted website typically comes from many different sources. With so many potential attackers, DDoS attacks are nearly impossible to stop, especially because it is very difficult to distinguish legitimate user traffic from attack traffic.

There are many known types of DDoS attacks, but among the most commonly used forms are traffic attacks, bandwidth attacks, and application attacks. Other popular forms of DDoS attacks are Ping of Death, NTP Amplification, and Zero-day DDoS Attacks.

In a traffic flooding DDoS attack, huge volumes of TCP, ICMP and UDP packets are sent to the targeted network. What’s worse about this DDoS attack type is that it can be accompanied by another malware threat, which will cause additional damage to the infected network.

Despite the trouble a successful DDoS attack can cause, many institutions still lack proper precautions and a strategy to protect their critical network infrastructure against this kind of cyber threat. DDoS attacks are difficult to prevent, but that doesn’t mean you can’t lay out comprehensive protection so you won’t become an easy target of a possible cyber attack like DDoS.

“DDoS is preventable through runtime application self-protection or web application firewall technology,” said WhiteHat security manager Jeannie Warner. “I believe all critical services and applications fronting PII [personally identifiable information] or transactional information should have some sort of application protection beyond what a next-generation firewall or intrusion prevention system can offer.”
