With the ease of access to the Internet and prevalence of social media today, unsuspecting computer users are making it easier than ever for malicious actors to target them with malcode. This trend has helped provide the perfect environment for Distributed Denial of Service (DDoS) attacks to grow in size, complexity and range of targets. Today’s attacks are not limited to Web infrastructure; attackers are increasingly targeting the Domain Name System (DNS) infrastructure as well. This trend has been particularly noticeable in the financial industry, which has been hit hard over the last year.
DNS-based DDoS attacks are especially troubling for the financial industry because if the DNS is unavailable, customers are potentially unable to access critical websites, disrupting customer and company transactions, and causing damage to their online revenue streams, reputation and brand. We’ve also seen examples of “DDoS as a distraction” in which a DDoS attack is used to distract from a larger financial fraud that is only discovered later through an audit, and potentially far more damaging.
As a result, the financial industry - ranging from large banks to small and mid-sized financial institutions, including credit unions - is taking this threat very seriously. Many institutions are working together with DDoS experts to help ensure they are able to identify, understand and mitigate DDoS attacks. They have come to recognize that traditional methods, such as bandwidth overprovisioning and firewalls, are no longer enough. Today’s complex attacks are best handled through cloud-based DDoS protection services because they enable a scalable, effective and affordable strategy for DDoS protection and mitigation, while helping to ensure availability of critical Internet infrastructure and protection of their online presence, revenue streams and reputation.
The strength of cloud-based DDoS protection providers lies in their ability to keep up with the latest threat methods and increase bandwidth in the infrastructure as needed. Remember – the attackers often have way more bandwidth and most companies can’t afford to purchase the bandwidth required to compete.
As DDoS attacks have now become a fact of life on the Web, we expect to see more enterprises trying to block harmful traffic before it reaches the network or application to eliminate the many risks associated with cyber attacks, such as data breaches and network downtime. Financial institutions need to prepare for the ever-evolving threat of DDoS attacks just like any other business critical issue by planning and implementing best practices to help quickly identify and understand security incidents and their implications, and determine effective mitigation and remediation tactics.
A recent report from Gartner Research, Arming Financial and E-Commerce Services Against Top 2013 Cyberthreats, provides valuable information about trends and best practices for firms to protect themselves and avoid costly damage from cyber attacks. Likewise, this on-demand webinar conducted by Forrester Research for Verisign titled, The Expanding DDoS Attack Surface: DNS Vulnerabilities and Mitigation Strategies, discusses current DDoS trends, the pitfalls and business impact of traditional defenses and new strategies for scaling operations and infrastructure to proactively respond to complex attacks.