If there is any one fact that remains consistent when it comes to distributed denial of service (DDoS) attacks, it is this: whatever mitigation solution your security engineers implement today, hackers will find a way to defeat it within the next two years. The pain of re-engineering a security program every 24 months is dwarfed by the potential pain of DDoS-provoked outages. In 2011, these attacks cost businesses more than a billion dollars, according to the Yankee Group. So how can companies defend themselves against attacks that are growing larger in scale, more complex in nature and more damaging to corporate reputations? Start with these five strategies: 1. Get educated, and be prepared Attackers are highly educated and highly motivated. Whether they shut sites down for financial gain or idealistic causes, the hackers who may target you today will do so with complex attacks at the application layer, Layer 7, where they can deplete your server resources by imitating legitimate users. They are likely to attack websites that rely on SSL by exploiting a Web server’s limited ability to handle large amounts of HTTPS sessions. These are not the straightforward DNS reflection attacks or TCP SYN floods of yesterday 2. Learn which attacks can be defeated with which solutions In order to combat increasingly sophisticated DDoS attacks, your company needs to learn what methods attackers are embracing today and continually research the most effective tools and services for addressing them. For example, you can defeat the OSI model, and Layer 3 and 4 attacks at the network and service layers with access control lists (ACLs), policies and commercially available DDoS mitigation solutions. On the other hand, you’ll need inspection by proxy to identify and fight Layer 7 attacks. 3. Ignore attacker inquiries It’s not unusual for a hacker to contact a company as he is assaulting its websites. You might receive demands if the motive behind the attack is pure financial extortion. If the attacker views himself as more of an activist, he might contact you simply to taunt the company during the outage. The best reaction to these communications is no reaction. Ignore them. Doing so generally lowers the probability that the attack will occur, if it hasn’t already, or that it will continue, if it’s already in progress. 4. Build secure networks Let start with the basics: avoid firewalls. This old security standby maintains the connection state which can be quickly filled by an attacker, rending the system useless and making it easier to take the server offline. This makes even the largest firewalls vulnerable to even the smallest attacks. Look for a hosting provider that can manage and secure your servers or build proxies using load balancers. Load balancers such as nginx or haproxy enable your host to dampen the effect of low-and-slow Layer 7 attacks, which is particularly critical if you are on a Windows Server. Finally, it’s worth it to upgrade your networks to modern equipment. Make sure your service contracts are up to date and purchase products that have a reputation for withstanding prolonged attacks. 5. Have a contingency plan Because hackers are constantly learning and DDoS attacks are constantly changing, you could make all the right decisions and still find your company under fire. That’s why a holistic approach is important. Your business should have secure network and system architecture, onsite packet filters, additional mitigation capacity with a third-party service, and skilled security staff. If you don’t have an in-house security expert, it is all the more essential that you have a DDoS mitigation service on call. Such a partner should be available on short notice and dedicated to helping you during a worst-case-scenario attack. Effective DDoS mitigation doesn’t come down to one solution, one partner or one vendor. Defending your company against attacks requires that you stay educated, stay prepared and stay vigilant. A hosting service with the right DDoS partner can be a valuable asset in your company’s business continuity plan (BCP). Whether you decide to manage your security on-site or outsource it, make sure that you build a DDoS mitigation strategy that accounts for your company’s specific needs, as well as the ever-evolving nature of attack scenarios. Source: http://www.itproportal.com/2013/12/03/5-ddos-defence-strategies-every-company-should-know/
Read More:
5 DDoS defence strategies every company should know
Afrikaans language activist group Praag intends to lay criminal charges against people responsible for attacking its website, the group said on Thursday. Pro Afrikaans Action Group (Praag) founder Dan Roodt said the website and servers had been under a “distributed denial of service” (DDOS) attack, causing disruptions since Tuesday. He believed the attack was aimed at bankrupting Praag and its service provider through the consumption of bandwidth and damage to network infrastructure. “We are going to lay charges with the SA Police Service under the Electronic Communications and Transactions (ECT) Act 25 of 2002 for the DDOS attack against us, but also against those anonymous individuals slandering us on Facebook, social media, and in relation to potential advertisers on our site,” said Roodt. On Sunday, Rapport reported that Google had decided to stop channelling advertising to Praag, and this threatened the future of the website. Roodt told the paper that Praag made thousands of rands from advertising on its website, and would not be able to function without advertisers. He said Google told him that Afrikaans was not a recognised advertising language and it could channel advertisements only to the English version of the Praag website. Roodt, however, alleged that a woman who opposed Praag was behind the problem. He claimed the woman had started a “malicious and fanatical” Facebook group called “Speak Out Against the Website Praag”. In a letter she reportedly posted on the social media network, she accused Praag of being racist and of spreading hate speech, and shared the letter with companies she claimed were helping it spread this message by advertising on the website. On Thursday, Roodt said he had the backing of supporters to take on the attackers. “We will not be using the distasteful and underhanded techniques of our opponents but will be defending ourselves in an open, transparent and legal manner,” he said. Source: http://www.iol.co.za/news/crime-courts/charges-pending-after-praag-web-attack-1.1607313#.UoTwduLrKb4