Since Izz ad-Din al-Qassam Cyber Fighters re-initiated their operations against US financial institutions, security solutions providers have started notifying their customers about the emerging threats.
Solutionary, a leading pure-play managed security services provider, is also warning its customers about the risks posed by the latest threats.
We’ve reached out to Solutionary experts to find out if there’s anything that targeted organizations could do to completely mitigate distributed denial-of-service (DDOS) attacks such as the ones launched by the Izz ad-Din al-Qassam Cyber Fighters.
“100% mitigation is not entirely possible due to the premise that the only way to achieve 100% is to not be targeted. However, with proper controls and sufficient focus on ‘survivability’ many organizations can absorb the negative impact and show no interruption to customers,” Rob Kraus, director of Solutionary’s SERT, noted.
“The only way to achieve this level of sustainability is to prepare in advance and ensure appropriate controls and technologies are implemented.”
The protection mechanisms that should be implemented to mitigate attacks vary from one organization to the other, Kraus says.
“Appropriate controls for one organization may not be appropriate or effective for another. Due diligence and risk assessments will help paint he picture of what controls and defenses should be implemented to mitigate impact. In general, detective controls that identify attack at onset will significantly increase organizations capability to respond to or thwart attacks.”
As far as the current security status of financial institutions is concerned, the expert believes that many of them have come to realize that the threats and the losses are real.
“In light of many of these events, especially when directly impacted, we have witnesses an increase in mitigation controls. Financial Institutions, and other vertical markets alike, can always improve security. In general, it is best to do like the Boy Scouts and always ‘Be Prepared’,” Kraus concluded.