Following the news that Lloyds Bank was reportedly hit with a two-day-long DDoS attack, which led to customers being unable to check their account balances or make payments. IT security experts from Corero Network Security, ZoneFox and Infoblox commented below.
“Recent service interruptions reportedly experienced by Lloyds Bank customers are just another example of the challenges faced by today’s online businesses. Consumer expectations of 24×7 service availability have created a genuine risk of lost revenue and lasting reputation damage, as a result of a DDoS attack which means the stakes are just too high to ignore.
“Best practices around resilient local, and wide-area, network design are well understood and typically implemented as a matter of course. However, the rapid pace at which the cyber threat landscape is evolving often leaves organisations unsure of where best to invest their available security budget. As DDoS has become a significant and worrying resurgence over recent years, organisations now need to ensure this targeted threat is considered as part of their risk profiling. Where every minute offline can be easily equated to significant amounts of lost revenue, and brand damage, the cost of protection is easily justified.
“Protecting against modern DDoS attacks, requires an always-on solution, which can react to attacks in true real-time, surgically removing the attack traffic, and ensuring legitimate traffic can proceed uninterrupted – only then, can services stay online, all the time.”
“While there aren’t any clear signs that the recent attack was aided from an inside source, complacency is not a viable excuse when it comes to delivering a robust cyber security strategy. It would be advisable for a company the size of Lloyds Bank to utilise User Behaviour Analytics (UBA) to deliver rapid insights and complete transparency on user activity and data flow. If the attacks are being used as a smokescreen for further criminal activity, UBA will prove invaluable and actionable information to defend the organisation against any further setbacks.”
.
Dr Malcolm Murphy, Technology Director Western Europe atInfoblox:
“The simplicity with which DDoS attacks can be generated using DNS infrastructure is what makes them so concerning. Hackers take control of a system, and use a spoof IP address of their target to send queries to name servers across the Internet. In turn, the name servers send back responses. Were these responses the same size as the queries themselves, this wouldn’t be enough to bring about the desired disruption. To wreak the most havoc, hackers use UDP-based DNS messages (messages using Internet Protocol to get data messages from one computer to another) to amplify the query to return the largest response possible – and sometimes even bringing in help from a botnet of thousands of computers and fellow comrades – to completely incapacitate a target.
Organisations must prioritise the ever-increasing threat posed to DNS if they want to successfully mitigate the risk of DDoS attacks. The steps to reduce an organisation’s DNS threat level are relatively simple, yet can massively help reduce exposure to attacks; these include learning to recognise when a DDoS attack is taking place; scrutinising their Internet-facing infrastructure for single points of failure; distributing external authoritative name servers geographically to avoid single points of failure; and overproviding their existing infrastructure.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.