In response to the recent DDoS attack against HSBC, Darren Anstee, EMEA solutions architect team lead at Arbor Networks, has the following comments:
“Recent attacks have used what we call multi-vector attacks, attacks which utilise a combination of volumetric and application layer attack vectors. What we are seeing here are TCP, UDP and ICMP packet floods combined HTTP, HTTPS and DNS application layer attacks. Attackers are doing this because they know it makes the attacks more difficult to deal with, but not impossible if we have the right services and solutions in place.
“With the increase of DDoS attacks it is extremely important that organisations take best practice defensive steps to ensure they are adequately protected if, or more likely when, they become the target of a DDoS attack. Organisations should minimise their threat surface as much as possible using their network infrastructure to control the traffic reaching their service infrastructure, and they should ensure that they have well documented, and tested, incident handling processes.
“I have seen it stated that there isn’t much an institution can do to stop these attacks, but that is simply not the case. If you have both on-premise protection as well as cloud-based protection from a service provider, this will help your business to withstand the majority of DDoS attacks.”