Web 2.0 applications are an emerging target for attacks, Ron Meyran, director of security products at Radware, told me recently. And we've been seeing an unprecedented number of DDoS attacks lately. Specific industries that Radware noted as targets include large financial institutions, service providers, government financial regulatory entities, non-affiliated technology infrastructures and critical infrastructure (e.g., electric, gas, Internet service providers and national power grid providers).
Education is the most important way to defend against denial-of-service attacks, Meyran said:
The problem isn't that there are too many vulnerable systems. There are too many vulnerable users. I know it sounds very basic, but users can't believe everything they read and don't believe anything offered for free. Challenge every email, even those appearing to come from friends. They may be a hoax.
So while companies should continue to advance educational efforts, Radware developed a checklist to protect networks from vulnerabilities:
Item One: Architecting the Perimeter for Attack Mitigation
Use a security-in-depth approach to fully prepare for attacks by employing an anti-DDoS security strategy that alerts and mitigates all attack traffic and essentially "cleans the pipe" - at the very edge of the organizational network.
Ensure the solution has perimeter-specific capabilities for detecting anomalous reconnaissance and intrusion activities in real-time; repelling all application-level attacks; discriminating between legitimate and illegitimate traffic; and a logging/correlation system to collect detailed attack data and quickly report.
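The three perimeter capabilities just listed (real-time anomaly detection, separating legitimate from illegitimate traffic, and a correlated report for responders) in miniature, as an added example that is neither Radware's product nor code from this article: a sliding-window per-source request-rate detector run over a constructed access log. The window size, threshold, addresses and log format are all assumptions made for the example.

```python
"""Toy perimeter rate-anomaly detector: a sliding per-source window over
access-log lines, producing a correlated report of offending sources."""
from collections import defaultdict, deque

# Constructed sample log (not from the article): "<epoch_seconds> <client_ip> <path>".
# 198.51.100.7 browses at a human pace; 203.0.113.9 bursts 30 requests in 5 seconds.
SAMPLE_LOG = (
    "\n".join(f"{100 + i * 15} 198.51.100.7 /login" for i in range(6))
    + "\n"
    + "\n".join(f"{200 + i // 6} 203.0.113.9 /search?q={i}" for i in range(30))
)


def parse_line(line):
    """Parse one constructed log line into (timestamp, source, path)."""
    ts, src, path = line.split(" ", 2)
    return int(ts), src, path


def detect_floods(log_text, window_s=10, max_per_window=20):
    """Flag sources whose request count in any window_s-second sliding window
    exceeds max_per_window. Returns {src: {"peak", "first_ts", "paths"}} so a
    responder sees how bad it got, when it started and what was targeted."""
    windows = defaultdict(deque)  # src -> timestamps inside the current window
    report = {}
    for line in log_text.splitlines():
        ts, src, path = parse_line(line)
        q = windows[src]
        q.append(ts)
        while q and ts - q[0] >= window_s:  # evict timestamps older than the window
            q.popleft()
        if len(q) > max_per_window:
            entry = report.setdefault(src, {"peak": 0, "first_ts": ts, "paths": set()})
            entry["peak"] = max(entry["peak"], len(q))
            entry["paths"].add(path.split("?")[0])  # correlate on path, not query string
    return report


def classify(log_text, **kw):
    """Split sources into (legitimate, flagged) as input to a mitigation decision."""
    flagged = detect_floods(log_text, **kw)
    sources = {parse_line(l)[1] for l in log_text.splitlines()}
    return sorted(sources - set(flagged)), flagged


if __name__ == "__main__":
    legit, flagged = classify(SAMPLE_LOG)
    print("legitimate:", legit)
    for src, info in flagged.items():
        print(f"FLAGGED {src}: peak {info['peak']} req/10s from ts {info['first_ts']} "
              f"on {sorted(info['paths'])}")
```

A real deployment would key on more than source address (a distributed flood spreads below any per-source threshold), which is exactly why the checklist pairs detection with correlation across the whole edge.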
Item Two: The Need for Complementary Security Technologies
In addition to basic IPS and firewall protection, deploy a multifaceted security solution that successfully mitigates both known and unknown attacks, including:
Item Three: Be Prepared for a Counterattack - Active Defense Requires, At Times, Offense
Devise a sound plan to integrate skilled technicians into the real-time events to ensure that the tools, alerts, correlation and mitigation are being handled properly.
Ensure that teams are ready to provide immediate assistance and active mitigation, or counterattacking defense actions, as soon as the system comes under attack.
Active defense is the concept of a proportional counterattack to smother the last vestiges of the DDoS attack and to provide some necessary closure to a painful incident.