Distributed Denial of Service (DDoS) attacks are becoming a trending and serious issue when it comes to Cyber Security across many industries in particular the banking and financial sectors.
In a DDoS attack Botnets (usually referred to as a “Zombie army”) bombards a server or a network with thousands of system requests sent from infected computers and internet connections causing network traffic to become overloaded and unavailable. So how do we prevent this from happening? Below are five strategies that can be used to prevent a DDoS.
One is improving network resilience by implementing connection redundancy and dedicated DDoS mitigation systems to isolate and remediate attacks. Consider deployment of additional DNS and web servers to balance the CPU load from the incoming flood of requests or use load balancing to bring critical services back up quickly.
Two ensure your ISPs network connection to the internet has above sufficient bandwidth to accommodate the increase of network traffic to normalise online availability and other services to continue running.
Three ensure your contract (SLA) with your ISP allows for flexibility to increase network bandwidth to the internet. In addition what methods and network connection changes will they undertake in order for your organisation to survive a DDoS attack.
Four segregate your network for different services such as separating transactional services from your public facing web server network. This helps if an attack does occur, only a proportion of services will be affected and your critical services remain operational. Ensure firewalls are configured to block malicious denial of service traffic and handle large connection rates if a DDoS does occur.
Five is to develop a Business Continuity & Disaster Recovery Plan that includes DDoS attack response mitigation strategies and procedures covering what pre-approved actions are to be carried out in the event of a DDoS attack. Testing and training of the response will assist recovery teams in implementing the best solutions at the time of the disaster.