The Canadian Federal Government’s network service availability was impacted by reported ‘large-scale’ DDoS attacks earlier this week. Reports indicate that the illustrious Anonymous group has claimed responsibility for these outages, due to outrage over the recently passed anti-terror Bill C-51. Attacks left the Government web services, including internal networks inaccessible for hours.
According to thestar.com, Bill C-51 legislation “gives the Canadian Security Intelligence Service more power to thwart suspected terrorist plots — not just gather information about them. It also increases the exchange of federal security information, broadens no-fly list powers and creates a new criminal offence of encouraging someone to carry out a terrorist attack.”
DDoS is a global epidemic that knows no boundaries, employs varied motivations, and does not discriminate against its targets or victims. DDoS is an attack vector that has plagued security professionals for over a decade with no foreseeable end in sight. Defeating the problem begins with an understanding of the evolution of DDoS; where and how it all began, what we are up against today, and what we expect in the future. We are dealing with a problem where it is no longer a matter of IF you’ll get attacked; it is a matter of WHEN.
Recommendations for organizations taking proactive steps toward proper DDoS defense include:
• Understand the threat -Find out how different DDoS techniques slow networks and service availability to a crawl, and ultimately, a halt or how DDoS attacks are utilized as a distraction technique for data exfiltration efforts.
• Know the enemy - Learn the motives for the crime including extortion, politics and competitive edge.
• Formulate the plan - Prepare your DDoS response strategies and tactics so you'll be ready to counter any attack.
• Deploy the solution – Engage real-time DDoS defense solutions to mitigate attacks before they impact your service availability.