Advice from CERT-SE.
Denial of service attacks, or so-called DDoS-attacks, happen all the time. The consequence of a DDoS-attack is usually that a website or digital service becomes slow or disabled for a limited period of time. One can say that it is more disruptive than destructive. There are times when DDoS-attacks are the first step in a larger, more sophisticated attack with more serious consequences than traffic stops. Regardless, it is of course desirable to minimize the risk of a denial-of-service-attack. CERT-SE has formulated five measures that a company or government agency can take to reduce the risk of having its website or service become slow or disabled by such an attack. They are:
- Use protection services against overload attacks: Many ISPs offer protection services that can absorb and filter incoming traffic and only direct legitimate traffic to your server. Alternatively, a Content Delivery Network (CDN) can be used to protect your web server.
- Activate speed limiting: This means setting a limit on the number of requests that a user can make to your website within a given time period. This can help prevent your server from being overwhelmed by excessive traffic.
- Use traffic filtering: Implement filters to block traffic from known malicious IP addresses or traffic that does not meet certain criteria (assess whether, for example, blocking traffic from abroad may be an option). A web application firewall (WAF) can be used to manage overload attacks that target the application layer. Access to logs is important in order to determine the type of attack or systems that have been affected.
- Keep an eye on the big picture: A denial-of-service-attack can sometimes be a way to direct attention and resources away from other types of attacks. It is therefore important to ensure monitoring of events in the entire network environment in order to detect and manage such attempts.
- Update regularly: Keep all software and security measures up to date to ensure that they can defend against the latest methods of denial of service attacks.
At link22, we have many years of experience in cybersecurity, and we have developed solutions that protect critical infrastructure, sensitive data, important systems, and more. If you have questions or want a demo, we are happy to have a coffee together and tell you more.
