Preventing DDoS Attacks Starts with Network Monitoring

The first step in mitigating an attack is being able to recognize the signs of one - and stopping it in its tracks.

Last week, the distributed denial-of-service attack that hit major domain name server Dyn, Inc. was an alarming wake up call to businesses, organizations and individuals across the globe. There's been no shortage of high-profile cyberattacks over the past few years. In fact, it has become increasingly obvious that the sophistication of hacker capabilities is only accelerating, leaving no one immune to the possibility of infiltration.

Discover Our Next Generation IT Service Assurance Platform—request a demo!

The recent DDoS attack is certainly far from the first major disruption to leave a network unreachable. But it does mark the first time hackers were able to deliver such a massive blow that impacted tens of millions of IP addresses, knocking even some of the most popular websites like Netflix, Spotify and Twitter offline. Plus, it wasn't just one disruption—it was actually a series of attacks that came in waves throughout the day.

Insecure IoT devices fuel Distributed Denial-of-Service attacks

Though the Dyn DDoS attack is still under investigation, with many questions left unanswered, evidence points to the outage being achieved with Milari malware botnets. By exploiting vulnerabilities in internet-connected devices—such as VCRs, cameras and networking equipment – imposters are able to collect enough data and infrastructure gain to flood a server and cause it to shut down. The scale at which this was done to Dyn DNS – basically the phonebook of the web – is a testament to just how powerful and damaging this tactic can be – and why we should all be concerned about the security of our Internet-of-Things devices.

"The DDoS attack on Dyn's DNS is likely just the beginning for disruptions of this nature."

As TechRepublic recently pointed out, the Dyn attack is likely only the beginning. Because the malware source code used in this particular disruption is publicly available, it makes it easier for hackers to use it as a blueprint to develop future methods of infiltration. In fact, already the number of DDoS attacks has increased by 75 percent this year. They are also growing in size and speed, capable of reaching anywhere between 10 Gbps and 600 Gbps, which is more than enough to cripple the infrastructure of just about any company.

"The use of IoT devices for recent DDoS attacks has shown how fragile and insecure many of these devices currently are," IP Architects President John Pironti explained to TechRepublic. "The first use was for DDoS, but these same devices are likely to be used as entry points to the internal networks they connect to as well as they become more pervasive."

With an increasing number of employees using online applications and brining their own devices to work, risk mitigation and prevention has never been more important.

Risk mitigation must-have: network monitoring tools

Some organizations tend to cut corners on IT security and monitoring because they assume that, because they aren't a major well-known company, they aren't a target. However, as seen with DDoS botnets, you don't need to be the primary target for hackers to compromise your network to fuel a cyberattack. Any IoT devices, from tablets and smartphones to thermostats and watches, can be exploited by malware. When you take a moment to consider just how many devices and applications are interconnected in your network, it's easy to see how vastly complex the threat landscape is—and how difficult managing it all can be.

However, using a single interface to gain end-to-end visibility of your network makes it significantly easier to monitor device activity, identify signs of disruptions and notice red flags indicating it's being used in an attack. For example, network monitoring capabilities, like those offered by ScienceLogic, may be able to monitor firewall and load balancer activity for random spikes in traffic that far exceed normal patterns—an indicator that an attack is taking place. The first step in mitigating an attack is being able to recognize the signs of one—and stopping it in its tracks.

Request a demo