Information security now!
The National Cyber Security Centre Finland (NCSC-FI) has received unusually many reports about denial-of-service (DoS) attacks in December. Most of the attacks have not caused any noticeable harm.
The NCSC-FI has received unusually many reports about DoS attacks in the last few days. The attacks have targeted numerous websites, including central government organisations and organisations in the financial sector and the healthcare and social welfare sector, in particular.
Most of the attacks in December have not had any noticeable impact. The protection and security measures implemented have been effective, and attacks have not affected the targeted services. The attacks have also been relatively short and small in scale, ranging from a few gigabits to approximately 30 Gbit/s. Some of the attacks have employed the carpet bombing technique, directing traffic to a range of targets across the victim organisation's domain. In some cases, the attack has only lasted approximately twenty minutes and the attacker may have given up after noticing that the target is well protected.
In the attacks that have led to temporary service disruptions, organisations have been able to implement protective measures and reopen their services to customers. These incidents show how important it is to prepare for DoS attacks. Even though the attacks can never be fully prevented, proper preparation helps mitigate their impact.
Although unusually many DoS attacks have been discovered recently, the phenomenon itself is nothing unusual: DoS attacks are very common these days and preparing for them is a normal part of risk management in organisations. When organisations know how to prepare for them, the attacks can be blocked. More information on DoS attacks and how to prepare for them is available in our article “Denial-of-service attacks are on the rise – the impact is minor” . The article also includes statistics on the DoS attacks reported to us during the year.
We have also prepared instructions for organisations that become victims of a DoS attack:
The number of DoS attacks has been on the rise for some time now, and nothing indicates that the trend would be reversing. Organisations should check the status and settings of their protections, because DoS attacks are likely to affect more and more organisations in the future.
Reporting attacks benefits all
Attacks against an organisation should always be reported to the NCSC-FI. All details reported to us are useful. We at the NCSC-FI analyse the sources of malicious traffic and the quality and quantity of attacks. These analyses help us raise situational awareness, which enables us all to be better prepared for attacks and block them.
The NCSC-FI would like to thank all the organisations that have actively reported attacks. Reports to the NCSC-FI are confidential, and help us form a national situational picture about cyber security. Our experts also provide advice and help with information security incidents. It is also important to report attacks to the police. The NCSC-FI does not file reports with the police, but we exchange information about cases with other authorities, if organisations allow it.