Here are some general indicators of compromise, and four pathways to ensure tighter cybersecurity amid the latest 46m RPS DDoS attack
What is the most common attack method today? Because they are repetitive and can be automated by bots, distributed denial-of-service (DDoS) attacks come right to mind.
These attacks are malicious attempts to disrupt the normal traffic of a targeted server by overwhelming it with a flood of internet traffic. Some of the largest attacks the world has ever seen involved 46m requests per second (RPS).
The impact of DDoS and other forms of cyberattacks is far-reaching. On a business level, they can cause huge financial losses through extended downtime, as vital services stop running. There is also the cost of remediation and compensation to victims, along with legal consequences that organizations have to bear for failing to secure their services and customer data.
Beyond the direct financial and legal risks, there are intangibles such as damage to the company’s reputation and loss of customer trust, which are often underestimated and have far-reaching implications for the business in the long run.
Identifying symptoms of an attack
There is a plethora of options for attackers to launch their attack, and depending on the attack method, businesses should rely on different mitigation strategies to avoid compromising normal business operations.
Importantly, the first step of mitigation is to identify symptoms and detect the occurrence of an attack. Here are some tell-tale signs that signal an attack:
- Inability to access certain apps/documents
- Corrupted files
- Slow page-load times
- Unavailable web applications
- Suspicious emails
- Unusual account activity
- Inability to control devices that have been hijacked remotely. Often, ransom is demanded to return control of the device.
Whether it is an attack targeting system applications, the network, or an insider threat originating from employee devices, strong vigilance and early detection can ensure that organizations are able to navigate cyber threats effectively and safeguard the enterprise amid an expanded threat surface area.
Just as our immune system automatically kicks in when a virus is detected, organizations can set up an immune system of their own to constantly analyze traffic and quickly remedy any attack. Where internal cyber resources and human talent are scarce, they can engage cybersecurity consultants to assist.
At the bare minimum, here are some simple steps that companies can take to kick-start their own cybersecurity journeys:
- Secure all server deployments: Protect public-facing apps and endpoints from vulnerabilities and attacks by employing a web application firewall and enterprise-grade DDoS protection in front of all servers.
- Maintain data backups: Even the best-protected network can succumb to cyberattacks. Losing access to internal data and systems can cripple a business, so it is essential to maintain backups to help mitigate the impact of such attacks.
- Prioritize user education: Many data breaches occur because of user mistakes, be it clicking on a malicious link, downloading a suspicious email attachment, logging in via a fake web portal or allowing external access to the network. Employees should be educated on best cyber hygiene practices and habits to keep the corporate network safe.
- Adopt a ‘zero trust’ philosophy: Zero trust security, when implemented with a holistic non-siloed approach, is much more versatile in detecting abnormal network traffic and sign-on. Constant revalidation is required to enforce tighter policies and prevent lateral movement of attackers across the network.
Now more than ever, it is important for organizations to treat cybersecurity as a key priority instead of an IT afterthought: they need to ensure they have in place the basic tools (solutions and software) and the basic knowledge (continual employee cyber awareness education) in order to protect their systems and networks.