Home » How to Steer Network Zombie Away

How to Steer Network Zombie Away

An attack on #Telegram occurred in June 2019 during the Hong Kong anti-extradition protests. Pavel Durov, the founder of Telegram, confirmed that the company suffered a “powerful” #DDoS attack which disrupted services for about an hour.

It is unfortunate that Distributed Denial of Service (DDoS) attacks are more frequent than we would like. Therefore, organizations should take active measures to protect themselves against these attacks and other threats. The good news is that these types of attacks are relatively easy to detect with certain powerful tools e.g., #SIEM, despite the fact that they can be nasty and impact your systems.

In simple words, hackers who use DDoS attacks overwhelm websites or other services with requests from many different devices, rendering them inaccessible. There are many distinct IP addresses or machines involved in a DDoS attack, sometimes on thousands of machines that are infected with malware. The effects of a DDoS typically involve more than three to five nodes on different networks, but a single node may be classified as a DoS attack but not a DDoS attack.

A DDoS attack must be prevented in real time if it is to be effectively countered. Due to the nature of this type of attack, retaliation must be immediate. An effective way to defend against DDoS attacks is to send attackers to another server instead of your own.

1) Content Distribution network (CDN)
You can accomplish this by using a CDN to distribute your website. CDNs protect your web servers by ensuring that users, both legitimate and potential attackers, never reach your website servers, only the CDNs, ensuring that DDoS attacks will only affect a relatively small subset of your target audience.

2) Load Balancers
Using load balancers is another way to prevent DDoS attacks from reaching your servers. It is designed to route incoming connections between multiple servers by using load balancer appliances. It is primarily to provide additional capacity that they are used. Consider a scenario in which your business has grown to 1000 connections per minute, but a single server can handle up to 800 simultaneous connections. Incoming connections are automatically balanced between two servers when you add a second one with a load balancer. The more advanced load balancers also have security features, such as recognizing risk factors associated with DDoS attacks, and redirecting requests to a dummy server instead of potentially overloading your servers. These technologies, despite their varied efficiency, provide an excellent first line of defence.

Apart from the above, one of the best ways to protect against DDoS attacks is with Security Information and Event Management (#SIEM) systems. By using their typical remediation processes, they are able to identify and stop attacks at the point of entry. When it comes to DDoS attacks, SIEM is most often the last line of defence. If an attack enters your system, even those which bypass other measures of security, they will be trapped.

Check out https://zpiral-wp.eastasia.cloudapp.azure.com/siem-best-cybersecurity-protection/  for one of the best SIEM in Hong Kong!

#Cybersecurity #SIEM #Protection