It seems we are never far away from the next headline about cyber leaks and attacks. With the Sony hack giving up sensitive files, passwords and even RSA SecurID tokens, and the publishing of Ashley Madison’s customer list, we now have Talk Talk making the headlines with hackers making off with personal and bank details for many customers.
The latest in this series saw Talk Talk subjected to what is called a Distributed Denial-of-Service (DDoS) attack. Whilst the team were busy firefighting, the hackers used a route to siphon data from the system. It is looking like Talk Talk were aware of previous attempts and failed to update and take the necessary steps that may have prevented this, although there is currently still a lot of speculation surrounding this latest attack.
However, be under no illusion that these types of attacks are reserved only for the bigger brands: we are all at risk, be it as Zombies or as the victim.
So what is a DDoS attack?
When hackers launch an attack, it is with the purpose of making computing resources unavailable to the victim, or as a distraction whilst other activities take place.
To carry out such attacks, hackers don’t use their own systems but instead use a huge collection of infected computers (zombies) that, when grouped together, are referred to as a “Botnet”.
Estimates currently suggest that between 5% and 10% of all domestic computers may be enrolled as Zombies in a criminal network. In fact, your machine might have been involved in the Talk Talk attack.
These Zombie machines rise from their slumber and together hit the domain or network of the intended victim. This increase in activity slows and can even take down the victim’s website and servers, and large-scale attacks can even overwhelm a country’s Internet capabilities. For any business, especially in ecommerce, this can be catastrophic in terms of lost trade alone, before any other implications.
What steps can you take to mitigate risks?
1: Restrict Connectivity and Access
If you have a number of users who connect to the web directly, it would be an idea to invest in a reliable router and firewall. Once properly configured, these can limit connectivity and place controls on traffic and data. This lets you allow traffic/data through the network on only a few ports (HTTP/POP/SMTP) via your firewall. Many firewalls today also provide additional security through real-time inspection of your data/traffic to identify malicious activity and threats.
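As an added example (not from the original article), the port restriction described above could be written like this for a Linux router running nftables. The interface names `lan0` and `wan0` and the DNS rules are assumptions, and POP is taken to mean POP3 on port 110.

```nftables
#!/usr/sbin/nft -f
# Constructed example: "lan0" (office side) and "wan0" (internet side)
# are assumed interface names; adjust them to the real router.

table inet edge {
    # The ports the article lists: SMTP (25), HTTP (80), POP3 (110).
    set allowed_tcp {
        type inet_service
        elements = { 25, 80, 110 }
    }

    chain forward {
        # Default deny: anything not explicitly accepted below is dropped.
        type filter hook forward priority 0; policy drop;

        # Allow replies to connections that LAN users opened themselves.
        ct state established,related accept
        ct state invalid drop

        # LAN users may reach the internet on the listed ports only.
        iifname "lan0" oifname "wan0" tcp dport @allowed_tcp accept

        # Assumption, not in the article: DNS so that names still resolve.
        iifname "lan0" oifname "wan0" udp dport 53 accept
        iifname "lan0" oifname "wan0" tcp dport 53 accept

        # Log a rate-limited sample of what the policy is about to drop,
        # so that unexpected outbound traffic from a LAN machine shows up.
        limit rate 10/minute log prefix "edge-drop: "
    }
}
```

A machine on the LAN that suddenly generates many `edge-drop` log entries is trying to talk on ports nobody allowed, which is one sign it may have been enrolled in a botnet.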
2: Increase and manage your bandwidth
With the Zombies in the Botnet increasing the traffic hitting your network and taking up all of your bandwidth, a solution can be to increase your bandwidth.
This will afford protection against smaller DDoS attacks; after all, the whole attack is dependent on you not being able to handle the amount of traffic coming through. An additional tool to afford protection would be load balancing, to share traffic between different web servers and locations, along with adding a larger amount of redundancy to your allowable traffic/data limits. However, be mindful of the cost of this approach: it can be an expensive remedy and, with DDoS attacks increasing in size, still may not remove the risk.
3: Choose the right ISP
With increased threats, many ISPs (Internet Service Providers) have solutions to try and mitigate the threats posed by DDoS. When looking at an ISP, try to ascertain what tools and protection they offer and what kind of real-time support they can deliver.
Some ISPs have some very talented individuals working to help reduce risks, and real-time automated tools to try and prevent attacks having an effect.
Unfortunately, we live in an age where cyber-attacks are on the increase; just look at the military, which invests heavily in talented individuals to perform these things from a strategic military perspective. Add to this the connected world we live in, and the ease with which individuals (even at a young age) can create and deploy malicious software to create a new horde of zombies, and threats will only increase.
Cyber security is now paramount, and not just in the workplace. Companies need to have a well-thought-out and well-delivered cyber security policy across the business, and also need to review security regularly. It is reported that Talk Talk had previously been attacked and had not undertaken action to remedy the risk, so keep on top of risks.
That said, we all have a role to play in this hi-tech game of cat and mouse, and must start at home to prevent our computers becoming unwilling Zombies.