Spamhaus, the organisation that is effectively the world’s de-facto spam police, reported earlier this week that is was subjected to a massive Distributed Denial of Service attack (DDoS).
Although, for now, the effects have been limited to a general slowdown of websites and online services, it could be the sign of things to come.
The situation began when Spamhaus attempted to take action against a Dutch company called Cyberbunker – hosts for some of the net’s worst offenders for spamming and piracy. Unhappy with being blacklisted, they allegedly teamed up with Eastern European and Russian gangs to launch a massive cyber attack against Spamhaus, generating 300gb of malicious-ness per second.
To put that into perspective, per hour it’s the equivalent of downloading about 27 million high definition Harlem Shake videos. A terrifying idea in so many ways.
Although this is clearly an exceptional attack (even large scale attacks on highly-protected financial institutions rarely go above 50gb/s), it does show how organised these kinds of cyber attacks have become.
All organisations need to be aware of the dangers posed by DDoS attacks, Advanced Persistant Threats (APTS) and other cyber threats. Just today the BBC reported that a London listed company lost £800m as a result of a cyber attack.
Your response to a cyber threat must be proportional to the risks you face. IT Governance can help you to understand and face up to cyber threats with the correct measures in place.
Cyber compliance: By complying with internationally recognised best practice, such as ISO27001, you can make sure your system for managing information security is robust and fit for purpose.
Cyber resilience: To mitigate against cyber risk, make sure you have adequate business continuity and disaster recovery procedures in place. With the right measures in place, even if an attack does occur, you’ll be able to get your operation back on track as quickly as possible.
Cyber security testing: IT Governance has a full range of security testing services to help you find and fix vulnerabilities in your IT systems.