The consequences of DDoS attacks on public institutions

Distributed Denial of Service (DDoS) attacks are becoming problematic cyber threats for public institutions and businesses around the world. Recent statistics indicate that these types of attacks are increasing in occurrence, sophistication, and severity; every year, there is an increase of around 25% more DDoS attacks on governments and state-owned entities.

While there are various types of DDoS attacks, the basic premise remains the same – false network traffic is used to overload a network, causing it to deny access to legitimate users and ultimately crash. This means that real users cannot access the network, interact with the website, or communicate with the organisation online due to an overload of traffic across the servers. This impacts the business internally, as well as affects the ability of employees accessing systems to provide customers with information and services.

Public institutions have been targeted for many reasons and the motivation behind these attacks is often deep-seated nowadays. Some cyber criminals want a ransom, others want to make a statement or exact revenge on a public institution. Whatever their reasons, state-owned entities must be prepared for these threats and have systems in place to protect their IT networks and servers.

SEACOM Business offers DDoS Protect

Our DDoS Protect services are specifically designed to safeguard high-level applications and IT systems. These solutions can be set up on-premise or on our secure cloud-based platform. SEACOM Business has partnered with NETSCOUT to offer its Arbor DDoS services to public institutions in South Africa.

DDoS Protect enables automatic detection and prevention of attacks by using autonomous filtering and diversion software to sift out real users from false traffic. Not only does this optimise network performance but it also streamlines traffic across the network and ensures that only legitimate users can interact with a website, email server or any online application. If your IT network is under a DDoS attack, call us for immediate assistance on +27 11 038 7045.

The result of a DDoS attack for public institutions

Without a doubt, these cyber threats pose serious risks to public institutions and state-owned entities. A single attack on a financial institution, for example, could affect dozens of linked corporations and banks. This would impact thousands of citizens across the country.

Financial organisations are not the only ones at risk; public healthcare institutions, transport departments, law enforcement agencies and entire municipalities have been targeted in the past. DDoS attacks can cripple these entities and all those who rely on their services on a daily basis.

Additional security measures

All public institutions need to put in place various cyber security measures, including DDoS protection and prevention. These should include a layered approach that covers three main areas; monitoring, detecting and preventing.

1. Monitoring - The best method of cyber attack prevention is autonomous and constant monitoring of your IT environment. Having comprehensive network visibility is critical.
2. Detecting - Your cyber security system should be able to immediately detect any threats and alert you to these problems.
3. Preventing - The whole premise of cyber security is to prevent attacks. This is the final but most important area of concern. Can your system adequately prevent advanced cyber attacks and effectively protect your data and information?

From this three-layered approach to cyber security, you can develop a better strategy and security measures that deploy multiple controls at once. This will ensure that each component of the cyber security plan has a backup or failsafe. These layers work together to strengthen your defences and build a solid foundation for your cyber security plan. Here are some additional measures to consider:

• Create backups on a regular basis so that you can restore information immediately in the event of a system crash or network overload.
• Make use of automated software and systems, as included in our DDoS Protect offerings, to save time and resources.
• Create a continuity plan and incident response strategy for such cyber attacks.
• Set up a firewall to monitor incoming and outgoing network traffic.
• Keep your security software and firmware up-to-date by running regular updates and patching processes.
• Enable multi-factor authentication on your network and endpoints (laptops, smartphones, workstations etc.).
• Set up web content filtering to block access to certain websites or dangerous links. This reduces the risk of phishing and scams.
• Make use of email filtering software. Did you know that 94% of malware is delivered by email?
• Train your employees in security awareness and how to make use of the various cyber security systems in use.
• Use a reliable DDoS protection service provider, such as SEACOM Business, that can offer scalable and tailored solutions to match the specific needs of the institution.

The continuity and response plan should outline certain steps to be taken by management and decision-makers. It is important that everyone at the institution practices these steps and rehearses the scenarios where a DDoS attack may shut down a website or the entire IT network. Just as with fire drills, these walkthroughs and simulations will allow employees to react swiftly and effectively to cyber attacks.

For public institutions, adopting relevant policies and training employees on response tactics are two good ways to improve cyber security. Not only should software be used in the fight against cyber attacks, but planning and personnel responses should be used in the effort too.

Cyber security is everyone’s responsibility, so it’s important to train all staff members on how to identify, prevent and respond to DDoS attacks. SEACOM Business can provide automatic DDoS protection software to public institutions in South Africa. For more information or to get a quote for our DDoS Protect solutions, email us at marketing@seacom.com or leave us a message.

SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.

SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.

For‌ ‌more‌ ‌information‌ ‌on‌ our internet and voice solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌insightful‌ ‌articles‌ and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.

Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.