In uncertain times, average people rise to the occasion to help their fellow man. While we experience uncertainty, the best of us face the challenge.
Unfortunately, not everyone is so altruistic and some seek to exploit tragedy. One such instance occurred recently when cybercriminals launched a Distributed Denial of Service (DDoS) attack on the US Department of Health and Human Services (HHS).
The HHS DDoS Attack of March 15th
Amidst the COVID-19 outbreak, finding accurate information is of absolute importance. People need to be informed of the safest actions they can take to protect themselves and others. The HHS website is one of the top destinations for Americans searching for health information and is especially crucial during these uncertain times.
However, some cybercriminals are emboldened and are using the event as an opportunity to target citizens and health-related services.
Luckily, the DDoS attack was not particularly successful: the website was slowed for hours but ultimately did not go down entirely. More alarming were the events that coincided with the attack and seemed related to it.
At the same time as the DDoS attack, several SMS, email, and social media messages were sent out claiming that a national quarantine in the US was imminent. The potential chaos that this attack was attempting to create would have been disastrous for recovery efforts.
Again, it appears the coordinated attack did not create the mass confusion that the cybercriminals were hoping for, but to officials, it suggests a sinister motive behind the attacks. Considering the well-timed nature, it appears that the attackers were supported by a foreign nation-state. It seems the goal was to spread confusion and mistrust of the US government. While the US government has not officially responded or reported further on the attack, the Secretary of State and President have been made aware of the attack, which only emphasizes its severity.
Steps Towards DDoS Prevention
Over the years, advancements in technology have made DDoS attacks easier to carry out and more effective. Improvements in computing power, the proliferation of poorly secured IoT devices, and the rising value of data have prompted more cybercriminals to execute this type of attack. To defend your network from DDoS attacks, it’s vital to be both proactive and reactive.
Invest in Powerful Network Infrastructure
Ensuring that your network and network users follow security best practices is your first line of defense.
Make sure you continually monitor for updates and patches, as cybercriminals will often search for out-of-date infrastructure and target those particular organizations.
Additionally, any organization not yet using WPA2-Enterprise should certainly consider upgrading. Time and again, WPA2-Enterprise has proven to be the best option available for network security and efficiency.
Have a DDoS Response Plan
Having a plan to react quickly to a DDoS attack is as vital as your network security. A team within your organization that is prepared to respond is key to your defense. Task your team with creating a list of assets that will be used to identify and combat the threat.
It’s also important to prepare a plan for how to notify employees and when to escalate the response based on the severity of the attack. Additionally, if the attack becomes serious, you should create a list of internal and external contacts to notify. This can include groups such as third-party vendors, customers, and other industry leaders. Staying ahead of the damage and notifying those that may be affected is a much better response than letting them find out on their own.
Use Strong Authentication Methods
Maintaining control of who has access to your network is paramount to overall security. If your network is not well defended, the network will be that much easier to compromise. Many organizations are moving to more secure authentication methods, and none are superior to certificate-based EAP-TLS authentication.
A commonly cited barrier to using certificates is that they are difficult to configure and distribute efficiently. Our JoinNow onboarding solution neatly sidesteps that issue by enabling quick and easy self-configuration. Users follow the straightforward client and are issued a valid certificate. The certificates cannot be stolen or transferred, ensuring that no one outside your organization will be able to access the network.
SecureW2’s onboarding solution is fully cloud-based and can equip any organization with the tools they need to switch from weak credential security to powerful certificates. It’s the tool you need to take back control of your network.
Invest in Strong DDoS Prevention Systems
Deploying powerful prevention tools is vital for your overall network defense. Tools such as firewalls, VPN enablement, content filtering, anti-phishing methods, and other defensive layers can be the key to preventing a DDoS attack from occurring.
Many organizations opt to use cloud-based solutions from third-party vendors rather than on-premise infrastructure. Besides the lower cost to install and maintain cloud solutions over time, they tend to offer a wider variety of protections. And specifically for DDoS protection, it’s far easier to overload a private, on-premise server than a cloud-based service provider with endless built-in redundancy.
In these unprecedented times of pandemic and social distancing, it’s important not to lose sight of the networks people rely on for work and vital information. If the attack on the HHS was truly perpetrated by a foreign actor, the damage they could have unleashed would have been catastrophic if there were no proper network security measures in place.
We can prevent such DDoS attacks from taking your network down. Check out our pricing page to see if SecureW2’s certificate solutions are right to defend your network.