Experts offer their views on the recent cyber-attacks on Singapore brokerages, and how such DDoS attacks on the DNS could be addressed.
Over the last few weeks, significant cyber-attacks have hit several servers across the world, causing disruptions in services and organizations.
In late October 2019, at least four brokerages in Singapore were hit by DDoS attacks, among them PhillipCapital and Maybank Kim Eng.
The attacks were reported to have caused disruption to traders trying to access their brokerage’s trading platforms, lasting from 30 minutes to almost the entire duration of the Singapore market’s morning session.
EfficientIP’s recent report on DNS attacks found that the financial services sector is the most targeted industry with 88% of respondents experiencing under-the-radar DNS attacks in the past year.
Ronan David, VP Strategy at EfficientIP, said: “More organizations are moving to the cloud than ever before. In Asia, where enterprises have upped the ante to embrace digital economy in response to consumer and stakeholder demands, this risk is more evident than elsewhere: 62% of organizations in Asia Pacific have suffered application downtime associated with DNS attacks this year, the Domain Name System (DNS) becoming a favorite target for cybercriminals.”
Aaron Zander, Head of IT at HackerOne, said: “DDoS attacks are common, they happen every hour of every day. Using scrubbing techniques and solid alerting on the huge spikes in traffic are an excellent way to get ahead of these disruptive events.”
David is of the view that disruptions can be avoided with a hybrid cloud DNS environment, which will ensure businesses can still function and have 100% availability for both public and private services. “High-performance DNS servers, capable of handling millions of DNS requests, with additional layers of security against volumetric attacks such as DDoS, would bring enterprises in Asia a long way ahead, especially when they are putting their plans to realise their smart city ambitions into action,” he said.
Zander added: “There are also many tools out there that you can place services behind that will help deal with the incredible influx of millions of requests. A strong DDoS attack can bring in 50-100 million requests on your service in the span of a commercial break on TV. They have gotten smarter, and more distributed.”
DDoS attacks interrupt everything from major video game tournaments, to stock trades, to emergency services, even charities. “A recent DDoS attack I observed had hundreds of thousands of requests from hundreds of geolocations around the world,” said Zander.
He advised: “Using things like Web Application Firewalls (WAFs) can help mitigate against attacks, and there are many companies out there that offer DDoS protection.”
But he warned that “spinning up a massive DDoS attack is something almost anyone can do. There are sites out there that will accept payments for tens, hundreds, or thousands of dollars, and just need a URL to point at, that allow anyone to focus a target from these vast botnets built on the back of poorly secured IoT devices.”