October is observed as cybersecurity month. Taking a look back at the first half of 2022, there was a significant increase in the threat landscape, especially with hacktivists targeting government agencies, enterprises and prominent individuals. DDoS attacks saw a hike of 203% across the globe. Radware’s threat analysis report observed an increase in malicious transactions targeting online applications, dominated by predictable resource location and injection attacks.
The attacks that rose significantly during the Russia-Ukraine war have spilled over to other countries too. On October 10th, 2022, pro-Russian hackers – Killnet took down the US airport websites, where the group invited hackers to participate in the DDoS attack. What one would need to understand is that such attacks will not cease and so, organizations need to use preventive measures to counter such attacks and reduce the vulnerable targets.
The biggest downside of DDoS attacks is the negative implication on Business
ISACA is an advocate for professionals involved in information security, assurance, risk management and governance. The recent results from its inaugural consumer cybersecurity research have found that 41% of consumers in India alone have had their personal information stolen by cybercriminals and 40% report having severed ties with a company that experienced a breach. As companies are increasingly adopting technology, the immense data generated, applications and changing work environment have only increased the threat landscape. Such incidents only put a dent in the credibility and RoI of the organization.
So, how to prevent and keep safe from such attacks?
- Robust and resilient network architecture is key to prevent DDoS type attacks
- Evaluate the capabilities of the vendor providing security services against cyber threats
- Constant monitoring and understanding of the network traffic of the organization
- Outsource the DDoS protection if the in-house team is not equipped to handle it
- Sensitize employees about cyber hygiene, how to recognize DDoS and other cyber attacks
- The focus should also be on key assets, applications, servers and other end/entry points
- Expand DDoS protection to cloud, hybrid and multi-layer environment
- Include software and hardware tools that help provide the 1st layer of protection against hackers
The expanding threat landscape can only be countered and contained, but not stopped
The pandemic acted as a catalyst in pushing digitalization impacting how businesses functioned. But this also increased the surface for DDoS attacks and hence increased the number of attacks on a YoY basis. Initiatives like cybersecurity awareness months help us remember why there is a need to fight threat actors; how one can use the tried and tested preventive mechanisms to keep our cyberspace safe and healthy; and understand why we cannot escape from looming threats but instead can only fight them through state-of-the-art products and solutions.
Authored by: Nikhil Taneja, VP & MD, Radware - India, the Middle East & South Asia