The activities of hackers or computer spies have grown exponentially since the start of the pandemic.
More time at home and time to be connected to the internet, anxiety about the future, or economic problems were the opening key for thousands and thousands of scams, which through “Social Engineering’ or “Phishing” actions, led to theft and loss of money.
Added to this was the impact of the home office, where teleworkers in their homes in many cases did not have the degree of security that is available in companies, or at least that which they should have.
To bring to precise numbers, a Deloitte statistic stated that 47% of teleworkers fall for a phishing scam while at home. The most typical is when they receive a prize from an e-mail pretending to be your bank and asking them to enter your username and password. From there, your data is already compromised, and even more so if what the attackers have been given access to is sensitive business data.
Within this scenario, Denial of Service attacks have also increased, and here is what they are all about
What is a DDoS or denial of service attack?
If a hacker wants to breach a company, one of the common strategies is to obtain different access keys, until he can gain overall control of the system, a task that requires finding vulnerabilities in different systems to carry out attacks one after the other.
The denial of service attack, on the other hand, is less sophisticated than other types of attacks, but no less damaging, and consists of saturating, or congesting, access to a company and its services, in such a way as to saturate and disable its services or communication, so that it is unable to carry out its usual operations.
Not being prepared for a denial of service attack brings enormous problems to the affected organisations. For example, if it is dedicated to the management of critical services to the community, it could be impossible to offer the same. And in the case of businesses, they will no longer be able to operate, with a serious economic or marketing image impact. The history of the Internet is replete with such attacks, including those suffered by Amazon, Ebay, or even the White House at the time.
“Public attention for denial-of-service attacks has massively increased since the start of the Russian aggression,” explains Marc Wilczek, COO of Link11, which has recently been labelled as the only company to offer full control over such attacks.
Denial of service attacks during the Russia-Ukraine war
Russia’s invasion of Ukraine has fostered a huge surge, in a world where hackers are as important as guns or tanks.
On the one hand, there are the Russian attacks, which started even hours before the invasion. According to the Belingcat portal, most key Ukrainian government institutions had their websites attacked in an alleged DDoS campaign, which was a preamble to what was to come both militarily and cyber-wise.
On the Ukrainian side, on the other hand, hacktivist groups joined together to coordinate attacks on Russian online payment services, government departments, or aviation companies – explains a recent article in Wired magazine.
The same article explains that at the beginning of the war, attacks multiplied on both sides, and while they have now reduced in number, they remain at record levels of duration, even extending 177 hours.
How to prevent denial of service attacks
It is worth noting that any organisation or company can be a victim of this type of attack, and they are becoming increasingly sophisticated. In many cases, attackers ask for a sum of money or extortion to stop them and return to normality.
That is why protection is vital, and there are some specific tools on the market that – with greater or lesser success – seek to prevent it.
In order to provide an objective answer about how they work, the agency, NimbusDDOS, a company specialising in this type of attack, recently conducted an audit to measure the effectiveness of the world’s leading DDoS attack prevention software platforms, namely Akamai, Cloudflare, Imperva, Neustar and Link11.
The work was carried out conscientiously, on real companies that gave their consent to do so, and that had each of these solutions installed with the default configuration.
At the end of the analysis, a study issued by the research and consulting firm Frost & Sullivan verified that only one security platform detected and prevented all attacks, Link11, as all others failed at least one or even more attempts.
The audit took into account another fundamental metric in this type of case, which is to evaluate the detection time, a key aspect, as each moment that passes causes more damage and impact. Detection was verified, a fundamental variable to avoid havoc in the organisations attacked. In some cases, the “winning” company detected anomalous situations in 0 seconds, compared to 4 minutes for other solutions.
Regarding the importance of this metric, it is worth noting that, according to Frost & Sullivan specialists, “Only solutions that can provide fast and accurate DDoS mitigation can help organisations achieve true operational resilience against web-based threats. The faster the mitigation, the lower the business risk”.
Asked about the results of this assessment where his company was the only one to meet the desired control expectations, Marc Wilczek, COO of Link11 said, “Not only is the number of DDoS attacks increasing, but their DNA is also changing. Complexity is growing, new attack vectors and methods such as carpet bombing are being established. Conversely, existing security tools are reaching their limits. Maximum accuracy and speed in detecting and defending against attacks are paramount”.