What Is a DDoS Attack?
Distributed denial-of-service attacks, commonly referred to as DDoS attacks, have become a growing concern for organizations with business-critical websites. DDoS attacks are cyber attacks intended to make websites or network resources inaccessible to their users by sending a massive volume of illegitimate traffic to a target server. In recent years, politically motivated attackers have used DDoS attacks to effectively take high-profile websites off the Internet. The financial industry (including banks and credit unions) in particular has proven to be a frequent target for these kinds of attacks. According to a recent CUNA announcement* and research by Ponemon Institute**, banks and credit unions should heighten their cyber security as DDoS attacks are expected to increase, and each new attack wave might come with a different tactic. While attacks targeting high-profile financial institutions are more commonly publicized, smaller financial institutions are not immune to this threat. They, too, have been directly targeted and indirectly affected through the resulting congestion and collateral damage of DDoS attacks.
While DDoS attacks rarely affect the underlying security of a website, a successful attack will severely limit its availability, which can negatively impact end user experience. Further, the resulting panic - both from site owners and users - may be used to strategically divert resources away from other targets. Attackers may take advantage of this diversion as a sort of smokescreen to commit other, more costly cybercrimes against another targeted organization.
Part of the growing concern about DDoS attacks is that the technical sophistication required to mount a successful DDoS attack is low. Existing tools and scripts are readily available, so a motivated attacker would only need to find usable network bandwidth and meager computing resources to execute an attack. Attackers may rely on compromised machines, or may engage in an attack from networks that they have direct access to. Foreign attackers may carry out these kinds of attacks with impunity if local authorities are unable or unwilling to pursue the matter.
How to Effectively Prevent or Mitigate the Adverse Impact of DDoS Attacks?
There is a silver lining here. Since most DDoS attacks are unsophisticated and website traffic is predictable, it is often possible to effectively prevent or mitigate their impact. Different solutions are available; prepared organizations may rely on more than one approach for a comprehensive DDoS prevention plan. The following three methods have been proven to combat DDoS attacks successfully:
- Network Perimeter DDoS Protection - Perimeter protection identifies DDoS traffic based on known patterns and prevents it from ever reaching the target organization’s web server. This is important because many attacks don’t consume total bandwidth, but rather consume servers’ ability to respond to legitimate requests. This solution may also alert website operators to an attack so that they may proactively monitor the situation.
- Site Replication and Failover - Automated site replication and failover to a secondary network provides a simple solution to the collateral network effects of DDoS attacks as well as other issues causing website downtime. This is a general purpose but critical disaster recovery technique.
- Content Distribution Networks (CDNs) - CDNs are used to geographically distribute a website and effectively spread the effects of a DDoS attack across many nodes in the network. The attack’s adverse impact on each node will be lessened, subsequently mitigating the damage of a sustained, targeted DDoS attack.
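An added example (not from the original article) of the kind of pattern-based detection and alerting that perimeter protection relies on: it counts requests per minute rather than bytes, since the attacks described above exhaust a server's ability to respond, and flags minutes that break from the predictable baseline. The log lines, addresses, and thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

# Common Log Format: ip - - [time] "request" status bytes
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} \S+')

def per_minute(lines):
    """Group requests by minute: {minute: Counter(source ip -> count)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        buckets[ts.replace(second=0)][m.group(1)] += 1
    return buckets

def find_floods(lines, factor=5, warmup=3, share=0.2):
    """Flag minutes with more than factor x the median request count of
    earlier normal minutes; report sources with >= share of that minute."""
    buckets, history, alerts = per_minute(lines), [], []
    for minute in sorted(buckets):
        total = sum(buckets[minute].values())
        if len(history) >= warmup and total > factor * median(history):
            heavy = sorted(ip for ip, n in buckets[minute].items()
                           if n >= share * total)
            alerts.append((minute.strftime("%H:%M"), total, heavy))
        else:
            history.append(total)  # flagged minutes never enter the baseline
    return alerts

def sample_log():
    """Constructed log: 7 minutes of steady traffic, with a flood at 10:05."""
    row = '{} - - [01/Jan/2024:10:{:02d}:{:02d} +0000] "GET / HTTP/1.1" 200 512'
    lines = []
    for minute in range(7):
        for i in range(10):  # ten ordinary visitors per minute
            lines.append(row.format(f"192.0.2.{i + 1}", minute, i * 5))
        if minute == 5:      # two sources send most of this minute's requests
            lines += [row.format("203.0.113.50", minute, i % 60) for i in range(120)]
            lines += [row.format("203.0.113.51", minute, i % 60) for i in range(80)]
    return lines

if __name__ == "__main__":
    for when, total, heavy in find_floods(sample_log()):
        print(f"{when}: {total} requests, heavy sources: {', '.join(heavy)}")
```

Every response in the sample is the same small size, so a bandwidth graph would show far less than the request count does; the per-source breakdown is what an operator would use to decide what to filter.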
Websites have become critical resources for organizations and their stakeholders. Whether you are a bank, a credit union, or a financial institution that requires stringent security and compliance, having a comprehensive DDoS prevention plan and continuously enhancing it as new threats emerge are critical to business survival and growth. Share with us your suggestions, questions, and/or success story on how your organization battles against DDoS attacks.
*“DDoS Group Says More FI Attacks Are Planned,” CUNA, July 25, 2013
**“A Study of Retail Banks & DDoS Attacks,” Ponemon Institute, LLC, December 2012