Distributed denial-of-service (DDoS) attacks have increased in both volume and frequency with no signs of slowing down. However, despite these trends, many organizations still lack the tools to mitigate risk and are becoming increasingly vulnerable to DDoS attacks. These attacks, which occur when hackers crash websites with massive volumes of fake traffic, are being used more and more by cyber criminals to commit fraud and extortion with increased complexity. Additionally, these attacks are shifting from being used primarily on banks to companies of all shapes and sizes. With DDoS attacks predicted to become more common and expensive from which to recover, Bank Info Security has provided a DDoS Defensive Checklist for the New Year:
- Incorporate all aspects of potential risk, including DDoS, in corporate security strategies
- Use continual monitoring to determine whether attackers have entered the network
- When attacks are discovered, they should be monitored but allowed to run long enough so that attack data can be tracked and shared
- Use a secured and managed Domain Name System that allows for seamless change of Internet protocols, when needed
- Identify a trusted security intelligence provider that can share information about infected and suspicious IP
- Have mechanisms in place to detect bots that use advanced techniques at the application layer
- Patch software vulnerabilities in Web-facing systems to limit the potential for application-layer attacks
- Properly configure Web-facing systems that may handle large amounts of traffic to ensure that they do not fail during a DDoS attack
- Consider the use of a DDoS mitigation provider when dealing with high-volume attacks
- Identify all Web-facing applications and ensure each is properly protected