Published on August 27th, 2013 | by admin
Bandwidth Overload!: Is DDoS Indefensible?
Governments, agencies, and financial institutions are no strangers to distributed denial of service (DDoS) attacks. Even as the law works to prohibit these activities, hackers and “political activists” continue to disrupt network access with incredible flair.
Just this past weekend, a portion of websites for the notoriously sophisticated Chinese internet registry were down for two to four hours, prompting an apology to affected users from the Chinese government.
Eventually, all was up and running again, but not without significant damage to China’s perceived ability to protect itself from such occurrences.
Disruptions like these are often politically or financially motivated, and the variety of attackers includes single individuals and organized groups. By overwhelming a website or network with a large number of requests, attackers can essentially shut it down. Response time slows to a halt, making the service or site unusable.
And of course, these attacks aren’t limited to large registries alone. Imagine an attack that cripples emergency services. Public sector and private industry across a broad spectrum of industries have been targeted by such attacks as well.
What can service providers do to protect their networks and their users from internet downtime?
Well in China, many service providers managed to prevent a full-on outage by storing parts of the registry locally, maintaining access for a pre-determined time period. This kind of advanced preparation can work wonders in lessening the blow to both agencies and customers.
Agencies themselves might find it useful to create a post-DDoS process, as well as a network diagram and contact list. As with any security program, IT teams should include Emergency Response plans for such attacks. Any steps, people, or resources that can aid in protecting and restoring data quickly and efficiently are invaluable to recovery.
It’s inconclusive—leaning towards decidedly impossible—whether you can or cannot defend against DDoS attacks. But what is clear is that preparation is the best security.
Marketing Specialist, SS8