Integrity360 is aware of an increased in DDoS attacks globally which we would like to remind our clients to remain vigilant about.
With workforces now working remotely, corporate resources are under significantly increased pressure. Businesses are reporting slow networks, high bandwidth, and networks teams are monitoring closely to ensure services remain available. With many businesses operating remotely due to the global pandemic, threat actors are turning their focus to interrupt service availability of critical national infrastructure and organisations.
Over the last 48-72 hours the Check Point Incident Response Team (CPIRT) has witnessed a marked increase in DDoS attacks against multiple victims globally. Targets have included Central Governments, banking, medical, energy and retail sectors.
This marked increase has yet to be directly attributed with a specific threat actor, but confidence is high that some activity is related to the COVID-19 pandemic.
These DDoS attacks witnessed are utilising multiple different methods including:
- SYN Attacks
- Reflection Attacks
- Volumetric Attacks
- DNS – Cache busting Attacks and DNS Volumetric Attacks
It is vital that businesses are prepared for DDoS attacks before they occur, as during an attack it’s too late.
Recommendations
- Ensure you have a plan in place. Having a solid incident response plan is vital, ensuring that DDoS is covered in this plan.
- Test this plan before an attack to ensure continued operations
If you would like assistance with preparing your business to combat a DDoS attack please get in touch and we’d be happy to advise on the best approach for your business.
Advisory taken from the Check Point Incident Response Team (CPIRT) 10/4/20