A DDos attack on Portland-based company Cedexis, which helps in speed delivery of content, knocked out several major French news websites including Le Monde and Le Figaro. The attack comes days after French President Emmanuel Macron said his campaign was hacked. IT security experts from ESET’s, Corero and Infoblox commented below.
Mark James, IT security specialist at ESET:
But on the same note DDoS protection is not hard and with the right information and services can in most cases be completely negated for the average attack and easily attainable as a paid service for most businesses. As so much of our business involves the internet these days if it goes down or providers are unable to provide the service we expect then trade may indeed suffer. As more and more devices are sold with insecure software installed and the means to hijack or exploit those devices becomes easier to get hold off, these types of attacks will continue to grow.”
Sean Newman, director at Corero Network Security:
“It’s another proof point for the old adage that security is only as strong as the weakest link and that organisations must ensure protection provided by outsource partners is up to the standards they expect. With the ever-increasing threat of DDoS, organisations should be asking questions of all their service providers about how they are defending against such attacks to ensure they have adequate protection against all forms of DDoS. Without this, organisations cannot be sure their critical online presence can be reliably maintained during any such attacks.”
Dr Malcolm Murphy, Technology Director at Infoblox:
Organisations who don’t know their query load will never know when they’re under attack. By using statistical support, administrators can help analyse their data for attackindicators. Whilst it may not always be clear what an attack looks like, anomalies will be more easily identifiable. IT teams should also continually scrutinise Internet-facing infrastructure for single points of failure by going beyond external authoritative name servers, and checking on the switch and router interactions, firewalls, and connections to the Internet.”