Government Websites Needs Protection Against DDOS Attacks
The Internet is a mission-critical infrastructure, for any nation. Increasingly government institutions are making their services available online to improve citizens' quality of life.
Government websites are often prey to cyber-attack by a malicious party aiming to disrupt a website on the Internet. Amongst the many of these cyber-attack threats, the availability-based attack threat is one of the most serious security threats affecting websites or commonly referred to as denial-of-service attacks. When the attack is carried out by using more than one attacking machine, it is called a distributed denial-of-service (DDoS) attack.
Government websites that lack adequate cyber-defense to handle a new generation attack like distributed denial of service, fall prey to the attack, often to exert financial or political pressure. The threat is most often than not, devised by a volunteer activist or cyber-terrorist that is an expert in hacking networks.
Distributed denial of service is an attack on the webserver infrastructure and network resource capabilities by causing the server’s or network’s resources to be consumed to the point where the service is no longer responding, properly.
Hackers could use varied methods to reach this objective, such as:
-
Volumetric floods - An attack by redirecting large amounts of web traffic to the host server simultaneously.
-
Network protocol level Attacks - An attack targeted on the network protocol by amplifying large amounts of data sent to the webserver, so that the server on the receiving end is consumed to the point where the service is no longer responding.
-
Application-level attacks - An attack targeted at depleting a key resource within an application with multiple requests, until the capacity has exceeded.
-
Multivector Attacks – where the attacker uses a combination of the different types of attacks. In several instances, the attack starts out as a flood of traffic attacks toward the network, then morphing into various other forms of attacks such as network protocol-level attacks or application-level attacks.
Government institutions fail to recognize that a firewall is adequate to safeguard itself against a sophisticated and planned distributed denial of service attack. While many new-generation firewalls, claim to have built-in protection, the most recommended practice to safeguard against a distributed denial-of-service attack, is to use a dedicated cloud-based protection service that scrutinizes all inbound traffic and mitigates the risk, even before it can hit your firewall or other components of the IT infrastructure. A dedicated cloud-based protection service mitigates it in three stages:
-
Detection – To be able to distinguish an attack is the most important step in mitigating the risk.
-
Response & Re-routing - in this step, the cloud-based service responds to incoming malicious traffic and intelligently routes it preventing denial-of-service.
-
Learning & Adapting - the network now learns repeatedly offending IP addresses, and re-prioritizes the traffic from a similar source based on the learnings from past data. It also looks for similar patterns in attacks and re-prioritizes traffic from few countries or selects geographical regions.
Government and enterprise websites are now waking up to the need of having a dedicated cloud-based protection service, to actively defending themselves against a distributed denial-of-service attack.
Additional References
[1].https://www.akamai.com/uk/en/resources/ddos-protection.jsp
[2].https://www.radware.com/products/defensepro/
[3].https://www.akamai.com/uk/en/resources/ddos-protection.jsp
[4].https://www.cloudflare.com/learning/ddos/
[5].https://dyn.com/ddos/