How to protect your Company from a Denial of Service Attack

Just like in a storm, a Distributed Denial of Service Attack attempts to prevent access to your company by “fogging” the access to it.

By Jorge M. Ph.D., Network Security Engineer

DDoS attacks were way up year-over-year in the second quarter as people continue to work from home.

According to the latest Kaspersky quarterly DDoS attacks report, the number of distributed denial-of-service (DDoS) attacks spiked in the second quarter of 2020, researchers said. DDoS events were three times more frequent in comparison to the second quarter last year (up 217 percent), and were up 30 percent from the number of DDoS attacks observed in the first quarter of 2020.

What is a DDoS attack?

 A Denial of Service (DoS) attack is a malicious attempt to affect the availability of a targeted system, such as a website or application, to legitimate end users. Typically, attackers generate large volumes of packets or requests ultimately overwhelming the target system. In case of a Distributed Denial of Service (DDoS) attack, and the attacker uses multiple compromised or controlled sources to generate the attack.

In general, DDoS attacks can be segregated by which layer of the Open Systems Interconnection (OSI) model they attack. They are most common at the Network (layer 3), Transport (Layer 4), Presentation (Layer 6) and Application (Layer 7) Layers.

“DDoS attacks can be used not only to create visible problems for your company. They can also be used to hide other attacks that may be happening by giving your security team a more visible problem to solve”

What are the main types of DDoS attacks?

  • Volumetric attacks. This is the most common type of DDoS attack. A bot overwhelms the network’s bandwidth by sending huge numbers of false requests to every open port.
  • Application attacks. This type of DDoS attack targets the applications that users actually interact with. It interferes directly with web traffic by attacking the HTTP, HTTPS, DNS, or SMTP protocols.
  • Protocol attacks. Protocol attacks are usually targeted at parts of the network that are used for verifying connections.

How can you protect your company from a DDoS attack?

Because DDoS attack happen outside your network, you can treat them how you will treat a flood that is threatening your physical location.

  • Have a plan:  On the same way that everybody who lives near a river, lake, or sea knows that eventually they may get flooded, everybody on the internet is at risk from a DDoS attack. The first step is to be aware that it can happen and to have a plan to deal with it when it happens.
  • Know what is normal and what is not: You need to know what is normal in regards to internet traffic to your company, in order to know when you have to pull the emergency plan. Your security event management solution should be able to alert you when a DDoS flood is starting to hit your company site.
  • Know your vulnerabilities: Do you know which services can be impacted by a DDoS attack? Do you know how can they be affected? Knowing what can be affected can help you define what you need to do to protect yourself from it.
  • Develop and Practice your Safety Plan: And just like with any other disaster (natural or not) have a plan to deal with it, and test it until you are sure it works. There is nothing worst than reaching out for a fire extinguisher to put off a small garbage bin flame, only to see that it does not work or is for the wrong type of fire and see the whole place go up in flames because of it.

“Waiting to learn more about how to deal with a cybersecurity threat, when it is happening; is just like trying to figure out if your insurance covers floods or a hurricane when it’s at your door. If you wait that long, it is usually too late to do anything about it.”

But I’m a Small Business what can I do?

One of the biggest security problems today is the lack of qualified cybersecurity professionals. Just in the US there are over 340,000 security industry unfilled jobs today, and the number is only expected to increase in the next few years.  The majority of small business have a “computer” guy or gal that can help them deal with the day-to-day challenges of running their business applications, but they may not be qualified to help them with cybersecurity. Yes they installed your router and firewall, but actually the majority of the companies that have been hacked already had a “firewall” and are using a “free antivirus”, and guess what (they still got hacked).

The reality is that modern hackers are using AI driven tools to find and exploit vulnerabilities that you may have in your router or in your computers and smartphones. That’s their livelihood and that’s how they make their money. Unless cybersecurity is your focus, most probably you (or your computer company) it is not up to speed on the latest threats, and that’s when we can help.

CySeSo: CyberSecurity Solutions for SMB.

With over 20 years of global experience in IT and network security, and with partnerships with the leading companies in cybersecurity we can help you protect your network without having to change your current IT service provider. From healthcare (HIPAA) to Finance (PCI/DSS), and from Digital Nomads with virtual companies; to classical office based companies; we have solutions that can help protect your business from cybercriminals starting today.

If you have any questions about cybersecurity, or for a free consultation and a free trial of our cybersecurity protection package contact us at any time.