Wondering where the Banking Analytics Blog has been for the past week? If you tried to access this site, it may have looked like the blog vanished. All FICO blogs, along with many others, went down because our blogging platform TypePad fell prey to a traffic overload most popularly referred to as a DDoS (distributed denial-of-service) attack. In fact, TypePad experienced a series of such attacks, even receiving a ransom note from the attackers!
In an odd coincidence, I was just in Atlanta at the headquarters for the Georgia Credit Union Affiliates organization and spoke to an audience about DDoS attacks. These attacks are not new and unfortunately are not going away any time soon. Even worse, the variety of attack methods is growing. As an example, cyber criminals are abusing the Network Time Protocol in what are being called NTP reflection attacks. Essentially, they take advantage of a protocol that ensures the correct time on your PC, sending forged packets that request that large amounts of data be sent to the target IP address.
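From the target's side, reflected NTP traffic shows up as time-server replies that nobody on the network asked for. The sketch below is an added example, not taken from the white paper or from TypePad's response: it runs that check over constructed flow records, and the record layout, the addresses (documentation ranges) and the thresholds are all assumptions.

```python
from collections import defaultdict

# Constructed flow records: (time_s, src_ip, src_port, dst_ip, dst_port, bytes).
# 192.0.2.10 is the protected host; all addresses are documentation ranges.
FLOWS = [
    (0.0, "192.0.2.10", 40000, "198.51.100.5", 123, 76),    # real NTP query
    (0.1, "198.51.100.5", 123, "192.0.2.10", 40000, 76),    # its answer
    (5.0, "203.0.113.7", 123, "192.0.2.10", 80, 4400),      # never requested
    (5.0, "203.0.113.8", 123, "192.0.2.10", 80, 4400),
    (5.1, "203.0.113.9", 123, "192.0.2.10", 80, 4400),
    (5.2, "203.0.113.7", 123, "192.0.2.10", 80, 4400),
]

def unsolicited_ntp(flows, window_s=10.0):
    """Return {victim: (total_bytes, distinct_servers)} for NTP replies
    (UDP source port 123) that match no earlier query from the victim."""
    asked = {}                      # (client, client_port, server) -> query time
    hits = defaultdict(lambda: [0, set()])
    for ts, src, sport, dst, dport, size in sorted(flows):
        if dport == 123:            # query (or port-123 peer traffic): remember it
            asked[(src, sport, dst)] = ts
        elif sport == 123:          # reply from a time server: was it asked for?
            q = asked.get((dst, dport, src))
            if q is None or ts - q > window_s:
                hits[dst][0] += size
                hits[dst][1].add(src)
    return {v: (b, len(s)) for v, (b, s) in hits.items()}

def flag_victims(flows, min_bytes=10_000, min_servers=3):
    """Hosts whose unsolicited NTP volume and server spread pass the
    (assumed) thresholds; tune both to the site's normal traffic."""
    return sorted(v for v, (b, n) in unsolicited_ntp(flows).items()
                  if b >= min_bytes and n >= min_servers)

if __name__ == "__main__":
    print(unsolicited_ntp(FLOWS))
    print(flag_victims(FLOWS))
```

The legitimate query and its answer are ignored, while the replies from three servers that were never queried are counted against the host they were aimed at.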
Do you remember the old consultative selling line “What keeps you awake at night”? Well apparently, when recently queried, bankers indicated that DDoS attacks were among their top security concerns. DDoS attacks, while not technically considered data breaches, accounted for 26% of all bank incidents last year, according to the latest Verizon Data Breach Investigations Report.
DDoS attacks were born out of protest by social groups who referred to themselves as “Hacktivists.” We accepted this lexicon, and in doing so, we also palmed off these so-called attacks as a nuisance issue that presented only inconvenience.
Today, I think we all agree that with every such “nuisance,” there comes a price tag. How do we know that this smoke-and-mirrors attack is simply a nuisance or passing trend when we hear every day that more and more corporate brands are falling victim to the injection of malware? Didn’t you always try to sneak an extra cookie when your mother was distracted?
How do we attack DDoS?
There are quite a few best practices in play today that address DDoS attacks. We recently cited a few in our FICO Insights white paper #72 “Best Practices for Preventing Data Breaches,” available with our compliments (registration required). Here's an excerpt from the section on DDoS attacks:
To combat DDoS attacks, hardware-driven solutions are available that can handle a traffic overflow to your domain address, as well as detect other forms of accelerated activity within your secure operating system. Explore options and consider supplementing your current security setup.
Software patches typically leave your secure zones vulnerable when they are not promptly installed. Establishing a patch management system helps mitigate against this risk. You can further reduce the impact of a DDoS by installing a failover mirror website that will handle domain traffic in the event of a surge beyond what your website can handle.
Stay safe and remember to come back to the blog tomorrow. We are not planning on vanishing any time soon.