Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Mitigating escalating DDoS cyberattacks

Issue 6 2023 Information Security

By Bryan Hamman, regional director: Africa, NETSCOUT


Bryan Hamman.

As cyberattacks, particularly those of the Distributed Denial of Services (DDoS) variety, continue to rise at an unprecedented rate across Africa, it is no longer a question of ‘if’ your organisation will be targeted, but rather ‘when’. As recently as July and August this year, businesses across African countries such as Kenya, Nigeria and South Africa have all suffered the dire consequences of these incidents.

What is a DDoS attack?

A DDoS attack is an attempt to exhaust the resources available to an organisation’s network, systems, applications, content or services by bombarding it with fake traffic, meaning that genuine users cannot gain access. This type of attack is incredibly damaging to any business dependent on the internet to function and, as we have seen in recent weeks across Africa, can affect organisations across every sector – from government to financial services, the media, telecommunications providers and more.

A business’s inability to withstand an attack and effectively and rapidly recover can be detrimental in multiple ways, with aftereffects including loss of revenue due to service downtime, compliance failures, negative impacts on brand reputation and public perception, and increased costs.

DDoS attacks are taking place continuously all over the globe, and so-called ‘bad actors’ are relentlessly improving their attack methods. This means that the ability of an organisation to maintain its availability and resilience in the face of an attack has become more critical than ever before. A vital part of this is understanding the facts, risks and latest trends around them.

Four facts about DDoS attacks

Fact one: Your cybersecurity solution might only cover some types of cyberattacks. Businesses may well have viruses and malware attacks covered but, as a type of attack that aims to overwhelm networks or servers with fake traffic, they must ask the question: “Do we have the right defences in place for something more sophisticated, like DDoS, that may not be classed as a ‘typical’ cyberattack?”

Fact two: Today’s DDoS attacks are becoming increasingly complex. At present, there are three main types of DDoS attacks:

• Volumetric attacks – designed to flood internet-facing circuits with illegitimate traffic, which might be easy to detect when larger. However, most volumetric attacks are under one gigabit per second in size and last for only a few minutes.

• State Exhaustion attacks aim to fill state tables in stateful devices, such as firewalls, VPN concentrators or load balancers, with illegitimate TCP connections. When these state tables fill, legitimate connects cease, and the services behind these devices are no longer available – thus denying service.

• Application Layer attacks are much smaller sized, very hard to detect, and will slowly exhaust resources in application servers. When these application layer resources are exhausted, the application stops.

Fact three: ISPs will not be able to stop all DDoS attacks. An internet service provider (ISP) may be able to bring a larger volumetric attack to a halt, but it is unlikely it will be able to detect those that are smaller and short-lived. The ISP will also probably struggle to identify State Exhaustion and Application Layer attacks before the damage is done.

Fact four: Having a firewall in place is not enough. There are several reasons why an organisation should not rely on firewalls alone. For instance, they offer only rudimentary DDoS attack protection, which impacts the performance of more important functionality. A firewall will also not provide detailed visibility into dropped DDoS attack traffic and cannot intelligently communicate with a cloud-based scrubber solution for mitigating large DDoS attacks.

Change and adapt… or suffer the consequences

Organisations need to constantly refine their cyber defence strategies to ensure that they can stop most attacks. Threat actors are persistently adapting their tactics, and as they cleverly up their game of attack, so must smart defenders improve their defence positioning.

For African organisations of all sizes and across every sector, learning how to choose the right approach and solution for adaptive DDoS protection – one that meets your unique needs, aligns with the realities of modern attacks, and is built on industry best practices and sophisticated solutions – is critical to ensure continued survival within the eye of the DDoS storm.

NETSCOUT helps customers worldwide defend themselves and mitigate the risk from DDoS attacks. For more information, please visit https://www.netscout.com/arbor




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Read more...
What are MFA fatigue attacks, and how can they be prevented?
Information Security
Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering clever ways to bypass it.

Read more...
SA's cybersecurity risks to watch
Information Security
The persistent myth is that cybercrime only targets the biggest companies and economies, but cybercriminals are not bound by geography, and rapidly digitising economies lure them in large numbers.

Read more...
Cyber insurance a key component in cyber defence strategies
Information Security
[Sponsored] Cyber insurance has become a key part of South African organisations’ risk reduction strategies, driven by the need for additional financial protection and contingency plans in the event of a cyber incident.

Read more...
Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Read more...
Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...
Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

Read more...
AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.