Today’s focus on Zero Trust and cybersecurity reflects that, as agencies have increased digital engagement and online transactions, secure protection has become vital at a national and global scale. Recently, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) suggested that agencies need to prepare for an onslaught of distributed denial of service (DDoS) attacks.
“The alert on the re-emergence of DDoS attacks shouldn’t come as a surprise to cybersecurity teams,” shared Lonnie Attucks, Director of Product Management at Lumen. “With the rapid digitization of government services during the pandemic and the current focus on improving customer experience, and the integration of the Internet of Things into agencies, the conditions are near-perfect for more complicated, sophisticated, large-scale DDoS attacks.”
In fact, the CISA guidance explicitly identifies IoT devices and the essential equipment of hybrid work, like the home router, as not only the targets of attacks, but also as attack vectors. The guidance document notes that “because infections of IoT devices often go unnoticed by users, an attacker could easily assemble hundreds of thousands of these devices into a formidable botnet capable of conducting a high-volume attack.”
While CISA cautions that it is “impossible to completely avoid becoming a target of a DDoS attack,” the agency offers clear guidance to help agencies be in the strongest position to mitigate long-term outages and the likelihood of reputational damage. “The guidance contained in CISA’s Understanding and Responding to Distributed Denial of Service Attacks gets cybersecurity teams back to first principles,” explained Attucks. “The guidance emphasizes good cyber hygiene lies in understanding an agency’s critical assets and services, assigning priorities based on mission criticality, committing to a patching and updating cycle, understanding how remote users connect to the network, and hardening those as well.”
Beyond adhering to the fundamentals of good cyber hygiene, CISA emphasizes the importance of partnership, not just with their agency but with private sector partners as well. “Private sector partners are essential for a robust defense and response posture to DDoS attacks,” noted Attucks. “If your agency’s Internet Service Provider (ISP) is part of the nation’s Internet backbone, you’re better positioned to weather an attack and remediate quickly.”
Lumen is one of the most deeply peered networks and a prominent service provider supporting federal agencies, giving the company a unique view into threats on the network and allowing its threat team to disrupt and take down threats faster. “We believe it’s a shared responsibility, and we take our role in keeping the Internet clean very seriously,” Attucks added. “Traditionally, the guidance has been that ISP DDoS protection services aren’t sufficiently robust, but that traditional assessment doesn’t hold when you have access to an agnostic and comprehensive view of malicious actors on the network and how to re-route them because of your ISP’s global view of network traffic.”
Even when an agency customer doesn’t leverage the Lumen network, they can rely on Lumen’s managed security service offerings to integrate and layer with the tools that are already in place. “It’s critical that agencies are taking a holistic approach to security.”
As we move into a new year and a new normal with hybrid work and a federal government that prioritizes exceptional digital experiences for stakeholders, ensuring continuity of access to online services has never been more important. Although it may be impossible to completely avoid a DDoS attack, agencies don’t have to abandon all hope.
An agency’s best bet is to combine its unique understanding of its own people, processes, and technology with that of a trusted partner that brings a broad and deep knowledge of global network traffic and can integrate and manage the latest security tools. That will put these agencies in the best position to defend against whatever bots and bad actors come their way.