Tuesday, October 15, 2013

DDOS Attack Tutorial: DDOS stands for Distributed Denial of Service. It's one of the most basic cyber attacks, in which the attacker overloads the target Web site with hundreds or thousands of requests at the same time.

Anatomy of a DDOS Attack: http://bit.ly/18pl4EU

DDOS Preparation Checklist: Be Ready Before the Attack

Example of state regulator warning and recommendations to banks about DDOS attacks:
Beginning in September 2012, a well-organized group announced intentions to attack a number
of prominent U.S. financial institutions. The result has been ongoing distributed denial of
service (DDoS) attacks on financial institutions’ public facing web sites in an attempt to disrupt
their Internet-based operations. These attacks may continue for an indeterminate period,
change tactics, and expand to a wider number of financial institutions.

DDoS attacks are designed to overload public-facing web servers and disrupt access to the
targeted company via the Internet. DDoS attacks may cause slower response times or failed
login attempts by customers using Internet banking or other applications, or could slow or
interrupt an institution’s access to external on-line applications. In some cases, these attacks
may cause the Internet-facing computers to stop responding.

Practical steps financial institutions can take:

• Review the functionality of your online banking site
• Identify large files that are available for download from the site (either remove them, or require additional authentication to start a download)
• Ensure the Secure Socket Layer (SSL) is only used for authentication/transactional content, and not generic web pages
• Have a plan to disable non-transactional functionality (e.g. ATM search screens), in the event of an attack
• Review your policies around DDoS attacks (if you don't have a 3rd party DDoS mitigation service, you might want to do some research)
• Ensure there is a plan to be able to communicate with customers during a DDoS, and that your messaging is approved by leadership ahead of time
• Report any scans or probes of your front end web services that appear to be reconnaissance of your infrastructure (e.g. systematic browsing of your entire site, and use of every function)
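
The last item above asks institutions to report systematic browsing of the whole site. One way to surface it from web server access logs is sketched below as an added example; it is not part of the regulator's notice or the original post. The log lines, paths, IP addresses and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed traffic (documentation-range IPs, hypothetical paths): two
# ordinary visitors and one client that walks every page of the site.
SITE = ["/", "/login", "/atm-search", "/rates", "/contact", "/downloads/report.pdf"]
VISITS = {
    "198.51.100.10": ["/", "/login"],
    "198.51.100.11": ["/", "/atm-search?zip=00000", "/rates"],
    "203.0.113.5": SITE,
}
SAMPLE_LOG = "\n".join(
    f'{ip} - - [15/Oct/2013:10:00:00 +0000] "GET {path} HTTP/1.1" 200 512'
    for ip, paths in VISITS.items() for path in paths
)

# Common Log Format: client, two ident fields, [timestamp], "METHOD target ...", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+)[^"]*" (\d{3}) ')

def site_coverage(log_text):
    """Map each client IP to the set of distinct paths it requested."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:  # skip lines that are not well-formed log entries
            ip, target, _status = m.groups()
            seen[ip].add(target.split("?", 1)[0])  # drop the query string
    return seen

def flag_systematic_browsers(log_text, min_paths=5, min_fraction=0.8):
    """Return {ip: coverage} for clients that requested most of the site.

    The "site" is taken to be every path seen in the log (an assumption);
    both thresholds are illustrative and need tuning per site.
    """
    seen = site_coverage(log_text)
    all_paths = set().union(*seen.values())
    flagged = {}
    for ip, paths in seen.items():
        fraction = len(paths) / len(all_paths)
        if len(paths) >= min_paths and fraction >= min_fraction:
            flagged[ip] = round(fraction, 2)
    return flagged

if __name__ == "__main__":
    print(flag_systematic_browsers(SAMPLE_LOG))
```

Search-engine crawlers and many users behind one shared address can also show high coverage, so a flagged client is a lead for review rather than proof of reconnaissance.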
