We’ve been talking a lot about cyber security lately. With the latest Wanna Cry cryptovirus crippling thousands of companies, it’s no surprise that security is at the top of everyone’s mind. Datasmith has talked about how to protect yourself from cyber threats here. These protection techniques should be a requirement for all businesses. Just like every business needs a website, every business should have cyber security measures in place.
Today we want to talk about the next threat. The newest type of cyber attack that cyber security experts are already developing ways to combat: Denial of Service, or DoS. Simply put a Denial of Service attack refers to when a server made inaccessible by either overloading it with traffic, or compromising the firmware. It works to make a machine or network unavailable to its users by disrupting services of a host connected to the Internet. This threat is particularly dangerous because users might not immediately realize that they’ve been compromised. There are several types of DoS threats:
Denial of Service (DoS)
As we talked about above, a traditional DoS attack disrupts users access to a server by either overloading it with traffic or compromising the server’s firmware. This is a traditional DoS attack. It can destroy a server and render it useless. What makes this a particularly challenging attack is that often time you do not know you have been compromised for quite some time.
Distributed Denial of Service (DDoS)
A DDoS occurs when a server is attacked from many different locations—making it challenging to determine where exactly the attack is coming from. The recent Dyn attack falls under this category of cyber threats. In the Dyn attack, cyber security experts believe that a bot targeted unsecured IoT (Internet of Things) devices with out-of-date firmware. The attackers transformed these devices into one large botnet that overloaded traffic into Dyn. With IoT and IoT capable devices growing, this attack was a sign of things to come. It sparked a need to increase research into tightening security on IoT devices. For more on the IoT, click here.
Permanent Denial of Service (PDoS)
A PDoS attack occurs when a server or device is compromised (often at the firmware level), to the extent that it becomes impossible to recover. There is no way to get the device back. Simply put, it kills the device or server. These sorts of serious attacks are on the rise. A new malware has emerged that seems to be intentionally “killing” unsecured IoT devices. Although experts aren’t 100% sure why this is happening, it appears it may be happening to prevent the spread of a larger attack that could wipe out bigger, stronger devices. A PDoS attack creates a huge headache for businesses. It leaves you completely locked out of your device with no way to bring it back. Without the right disaster and back-up recovery in place, all of your data stored on the server or devices will be gone forever.
So how can you protect yourself, and your business, from DoS attacks?
Make sure firmware is up to date and passwords have been changed!
The first step in protecting yourself is making sure your firmware is up to date. That means NOT ignoring those update emails and pop-ups. If you work with a third party IT provider, ask and make sure their firmware is currently. Secondly, make sure you have CHANGED the password from the default password provided! Cyber criminals will start here when plotting an attack.
Security throughout the supply chain.
It’s not just your security you need to worry about, you need to make sure all third party providers who access your firmware have the necessary protection in place. Companies have to properly vet and verify who they do business with to make sure that they are not exposed to malware and counterfeit materials at any point.
If you haven’t checked these two items, it’s no longer a question of if an attack will occur but when.
DoS attacks are increasing, and it’s important to know what they are and how they could potentially affect you. DoS attacks kill productivity and create massive, sometimes even permanent, down time. Companies are still struggling to devise effective, holistic security strategies to address the increasing, and ever-changing, security threats. That’s why Datasmith is here to help. We can protect your business from the growing cyber security threats. Through our Managed Service Provider agreements we are your first line of defense for an attack. Our job is to be experts in the technology world. So give us a call and let us protect your business in the digital age.
