At the start of the University’s registration process, which is considered the peak usage period, the web-based system was infiltrated and suffered a crippling Distributed Denial of Service (DDoS) attack. The web-based registration and cashiering system was made unavailable, so students could not register for, pay for or drop classes. It is believed that the attack did not originate from an external network source. Investigation has revealed that the source was an internal attack in which the attacker was able to steal an administrator’s password.
In a DDoS attack, the attacker sends large volumes of traffic at a specific target from many different sources. The objective is to exhaust the target’s resources so that it can no longer perform its normal functions or serve its users. The attack may try to overwhelm the target’s bandwidth, CPU or memory to render it useless. DDoS attacks don’t actually alter or take over the target system, so from an attacker’s standpoint they are more of a nuisance than a threat to the integrity of an organization’s system. However, DDoS attacks can be highly effective at disrupting ongoing operations, which means they can do serious damage to an organization’s bottom line and impact business operations. Because of this, every organization with open applications and services must treat DDoS as a serious threat.
No single technology or operational process can provide sufficient protection from a DoS attack. Given the array of attacks covered by DoS/DDoS, it is often not easy to know when an organization is under attack. The best way to defend against a DoS attack is to handle it as a risk-management issue, as opposed to a technical or operational risk. Risk management should provide adequate security coverage before, during and after an incident.
There are several methods that should be used to provide complete protection against DoS/DDoS attacks. To prevent or mitigate future DDoS...