A Checklist for Possible Targets of DDoS Attacks

Sue Marquette Poremba

Web 2.0 applications are an emerging target for attacks, Ron Meyran, director of security products at Radware, told me recently. And we've been seeing an unprecedented number of DDoS attacks lately. Specific industries that Radware noted as targets include large financial institutions, service providers, government financial regulatory entities, non-affiliated technology infrastructures and critical infrastructure (e.g., electric, gas, Internet service providers and national power grid providers).

 

Education is the most important way to defend against denial-of-service attacks, Meyran said:

The problem isn't that there are too many vulnerable systems. There are too many vulnerable users. I know it sounds very basic, but users can't believe everything they read and don't believe anything offered for free. Challenge every email, even those appearing to come from friends. They may be a hoax.

So while companies should continue to advance educational efforts, Radware developed a checklist to protect networks from vulnerabilities:


Item One: Architecting the Perimeter for Attack Mitigation

 

Use a security-in-depth approach to fully prepare for attacks by employing an anti-DDoS security strategy that alerts on and mitigates all attack traffic, essentially "cleaning the pipe" at the very edge of the organizational network.


Ensure the solution has perimeter-specific capabilities, including:

  • Detecting anomalous reconnaissance and intrusion activity in real time.
  • Repelling all application-level attacks.
  • Discriminating between legitimate and illegitimate traffic.
  • A logging/correlation system that collects detailed attack data and reports on it quickly.


Item Two: The Need for Complementary Security Technologies

 

In addition to basic IPS and firewall protection, deploy a multifaceted security solution that can successfully mitigate both known and unknown attacks, including:

  • Anti-DoS and DDoS attack tools (at the network and application layers) to prevent network flood attacks.
  • Network behavioral analysis tools with real-time signature writing capabilities to defend against application misuse attacks and zero-day attacks.
  • Intrusion prevention systems against known application vulnerabilities.
  • Application-level active defense mechanisms, such as challenge-response.
  • Active emergency counter-attack strategies (Smart Hands/Man-in-the-Loop capability).
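As an added illustration of the network behavioral analysis and real-time signature-writing item above (example code written for this post, not Radware's product; the flow records, thresholds and IP addresses are constructed), the detector below learns a per-source baseline from a clean window, flags sources whose rate blows past it during a live window, and emits a blocking signature while leaving a legitimate client's modest burst alone:

```python
from collections import Counter, defaultdict

def build_baseline(flows):
    """Learn each source's peak requests-per-second from a window known to be clean.
    flows: iterable of (second, src_ip, dst_port) records."""
    per_sec = Counter((sec, src) for sec, src, _ in flows)
    peak = defaultdict(int)
    for (sec, src), n in per_sec.items():
        peak[src] = max(peak[src], n)
    return dict(peak)

def detect(flows, baseline, factor=5, floor=20):
    """Flag sources whose per-second rate exceeds `factor` times their baseline
    peak (or `floor` for sources never seen in the clean window). Returns a
    mapping (src_ip, dst_port) -> worst observed rate, i.e. a signature a
    perimeter device could block on. Thresholds are illustrative assumptions."""
    per_sec = Counter((sec, src, port) for sec, src, port in flows)
    signatures = {}
    for (sec, src, port), n in per_sec.items():
        limit = max(floor, factor * baseline.get(src, 0))
        if n > limit:
            signatures[(src, port)] = max(signatures.get((src, port), 0), n)
    return signatures

# Constructed clean window: three internal clients at 3 requests/second to port 443.
CLEAN = [(s, ip, 443) for s in range(10)
         for ip in ("10.0.0.5", "10.0.0.6", "10.0.0.7") for _ in range(3)]

# Constructed live window: two clients unchanged, one legitimate client bursting to
# 12/s (under the floor, so not flagged), and one unseen source flooding port 80 at 200/s.
LIVE = [(s, ip, 443) for s in range(5) for ip in ("10.0.0.5", "10.0.0.6") for _ in range(3)]
LIVE += [(s, "10.0.0.7", 443) for s in range(5) for _ in range(12)]
LIVE += [(s, "203.0.113.9", 80) for s in range(5) for _ in range(200)]

if __name__ == "__main__":
    for (src, port), rate in detect(LIVE, build_baseline(CLEAN)).items():
        print(f"block {src} -> dst port {port} (peak {rate} req/s)")
```

The learned baseline is what lets the legitimate 12/s burst pass while the unseen 200/s source is written into a signature; in a real deployment the clean window would be refreshed continuously rather than learned once.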

 

Item Three: Be Prepared for a Counterattack - Active Defense Requires, At Times, Offense

 

Devise a sound plan to integrate skilled technicians into the real-time events to ensure that the tools, alerts, correlation and mitigation are being handled properly.


Ensure that teams are ready to provide immediate assistance and active mitigation or counterattacking defense actions as soon as the system is under attack.


Active defense is the concept of a proportional counterattack that smothers the last vestiges of the DDoS attack and provides some necessary closure to a painful incident.


