A DDos attack on Portland-based company Cedexis, which helps in speed delivery of content, knocked out several major French news websites including Le Monde and Le Figaro. The attack comes days after French President Emmanuel Macron said his campaign was hacked. IT security experts from ESET’s, Corero and Infoblox commented below.
Mark James, IT security specialist at ESET:
“Nowadays Distributed Denial of Service (DDoS) attacks are launched for a variety of reasons. They may be used as a voice to air one’s displeasure on your products, services or views on a certain subject or as a ransom demand in modern day extortion, or even be a smokescreen while malware or cyber-attacks are happening in the background. Due to the way DDoS attacks work (often thousands or hundreds of thousands of machines all sending requests for information) it can be difficult to determine the source of the attack and could in some cases take a while to resolve or counter.
But on the same note DDoS protection is not hard and with the right information and services can in most cases be completely negated for the average attack and easily attainable as a paid service for most businesses. As so much of our business involves the internet these days if it goes down or providers are unable to provide the service we expect then trade may indeed suffer. As more and more devices are sold with insecure software installed and the means to hijack or exploit those devices becomes easier to get hold off, these types of attacks will continue to grow.”
Sean Newman, director at Corero Network Security:
“The reported recent attacks on French news agencies, via their content delivery provider, is another example of the sophistication with which modern DDoS attacks are planned and executed. This latest attack is similar to the approach used with DNS provider DYN, late last year, and shows that attackers often have multiple options to complete their missions. And, where an attack on a single entity has the ability impact many targets simultaneously, as in these cases, the attackers can get a lot more bang for their buck.
“It’s another proof point for the old adage that security is only as strong as the weakest link and that organisations must ensure protection provided by outsource partners is up to the standards they expect. With the ever-increasing threat of DDoS, organisations should be asking questions of all their service providers about how they are defending against such attacks to ensure they have adequate protection against all forms of DDoS. Without this, organisations cannot be sure their critical online presence can be reliably maintained during any such attacks.”
Dr Malcolm Murphy, Technology Director at Infoblox:
As this latest news shows, DDoS attacks in particular are growing in both frequency and sophistication. Whilst there is no easy solution to securing DNS, there are a few steps that an organisation’s IT team can take to help mitigate and respond to DNS-based DDoS attacks.
Organisations who don’t know their query load will never know when they’re under attack. By using statistical support, administrators can help analyse their data for attackindicators. Whilst it may not always be clear what an attack looks like, anomalies will be more easily identifiable. IT teams should also continually scrutinise Internet-facing infrastructure for single points of failure by going beyond external authoritative name servers, and checking on the switch and router interactions, firewalls, and connections to the Internet.”