As part of our expert comments series, Dr Guy Bunker, CTO at Clearswift Cyber Security, comments below on the recent use of DDoS attacks against the messaging app Telegram, which the founder of Telegram states was a concerted state-sponsored attack intended to disrupt the Cantonese anti-extradition protests. Dr Bunker discusses the ways in which the attack may have been carried out, as well as how firms can protect themselves from such attacks.
“DDoS attacks can be carried out in a number of different ways, and it has become increasingly simple to ‘hire’ a botnet to carry out the attack by multiple means, which makes it more difficult to prevent. Programmes such as LOIC have been around for many years and so can be mitigated relatively well against using network filtering – which many of the larger internet-based applications, e.g. messaging apps, already have.
For larger application providers, success against a DDoS attack is a question of numbers: is it possible to filter out the junk requests and increase the bandwidth available to ensure that the service stays up for legitimate users faster than the number of junk requests which are being sent to take the system down? For smaller providers, particularly those who do not have their own datacentres, they will have imposed bandwidth limitations that can be more easily taken out by the attacker.
Organizations who rely on cloud-based applications need to ensure that they ask questions of the provider around security. While this is often about data loss and how it can be prevented, they should also ask about DDoS and what monitoring and controls are in place to prevent a DDoS attack. Within the cloud (and depending on the application), it is entirely possible for an attack to be launched against *another* customer of the same service, which brings down the service, which will then impact your organization. Ensuring that the provider has adequate DDoS detection and prevention in place needs to be part of the evaluation of that service.”
Bob Noel, VP of Strategic Relationships at Plixer:
“This was a typical DDoS attack, and while the latest data shows that the number of attacks is down, many are lasting longer, leading to greater disruption of the business. When under attack, it is important for network and security teams to quickly understand the type of DDoS attack they are experiencing, e.g., volumetric-, application-, or protocol-based. There are many types of DDoS, and being able to recognize the variety helps teams know how to stop them. Network traffic analysis provides the visibility needed to do this, helping businesses find the root cause quickly, stop the disruption, and return to normal. This keeps the business operational and customers happy.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security