Home CISA warns of DDoS attacks

CISA warns of DDoS attacks

June 30 – Just ahead of the U.S. holiday weekend, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of ongoing distributed denial-of-service (DDoS) attacks.

Organizations across numerous industry sectors have been hit. All U.S. organizations are advised to take proactive measures to ensure that security teams are prepared to subdue the effects of such attacks.

Preparing for DDoS attacks

According to CISA, all network administrators should be prepared to quickly apply firewall rules or redirect incoming malicious traffic through DoS protection services. This will help prevent cyber adversaries from taking down targeted online portals or services.

Alternatively, CISA notes that internet service providers (ISPs) can provide guidance around appropriate steps to take in this circumstance.

More information

“CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against multiple organizations in multiple sectors,” said the agency.

“These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible,” the warning continued.

Business guidance

In collaboration with the FBI and MS-ISAC, CISA provides guidance on what organizations should do before and after a DDoS attack. Organizations may wish to enroll in dedicated DDoS protection services, which can reroute malicious traffic away from targeted assets.

For federal civilian executive branch agencies (FCEB), CISA is advising them to take advantage of General Services Administration (GSA) tools, like the Managed Security Service (MSS) and Managed Trusted Internet Protocol Service (MTIPS) to counter effects of DDoS attacks and to help restore operation of affected systems.

Anonymous Sudan

Today’s DDoS attack warning follows on the heels of several DDoS attacks that targeted both private and government organizations. The attacks were claimed by a group known as Anonymous Sudan, also tracked as Storm-1359 by Microsoft. Some cyber security researchers think that the group might be geopolitically motivated.

At the beginning of the week, Anonymous Sudan claimed that it had disrupted the U.S. Treasury Department’s electronic federal tax payment system and the U.S. Commerce Department website.

The group has also claimed a DDoS attack that targeted a financial firm’s dashboard, which is used to manage business payments, refunds and general operations.

Earlier this month, Microsoft stated that multiple outages impacting its systems resulted from DDoS attacks that were claimed by Anonymous Sudan.

Beginning in May, the group targeted multiple other large organizations worldwide, from aerospace firms, to dating app companies, to hospital systems.

Learn more about CISA’s latest DDoS attack warning here. To receive more timely cyber security news, insights into emerging trends and cutting-edge analyses, please sign up for the cybertalk.org newsletter.