CYB 310 : 3-1 Discussion: Denying DoS Attacks
One of the biggest assets of an organization is information. Stopping the flow of that information can be detrimental to a business. If your organization experiences a denial-of-service (DoS) attack, it may be at risk of losing customers, revenue, and reputation. It is challenging for organizations to report a cyber incident and, even when they do, what they publish can be missing key facts needed to understand the full attack picture.
For your initial post:
- Find a resource outside of your assigned reading that describes a recent DoS attack. Post the link and summarize the attack for your peers.
- Identify possible missing information from the resource that would help you prevent similar attacks in your organization.
- Explain why there is no incentive for organizations to report these types of attacks.
In your response posts, is there any other missing information you can identify? Alternatively, what other steps could you take to protect an organization's data from a DoS attack?
Sample Post
Hello everyone!
One attack I was able to find some information on is the DDoS attack on South Korea's Joint Chiefs of Staff (JCS) website on November 5, 2024, at approximately 5:30pm.
Massive DDoS Attack Cripples South Korea’s Defense Site—North Korea or Russia?
Though it was affected initially, prompting an investigation from the Cyber Operations Command, the DDoS countermeasures were activated and allowed the site to remain operational for the public, though there were slower loading times and connectivity issues. The IP address was blocked, says a military spokesperson, and the department is focusing its efforts on finding the culprit responsible for the attacks. This attack follows a warning from the Korea Internet & Security Agency on October 1, which had previously alerted organizations to increase cyber defenses in anticipation of an uptick in cyber threats, possibly due to the deployment of North Korean troops to Russia. People are speculating that the attacks may have originated from, or at least been linked to, North Korea or Russia.
The article is unfortunately quite lacking in information, such as the countermeasures that were deployed to circumvent the attacks or whether the website had protocols in place for responding to such cyber threats. It was incredibly difficult to find an article reporting recent DDoS attacks in the first place, let alone one with a lot of information. There are, however, many best practices to put in place to protect against DDoS attacks, such as prioritizing security over performance, bolstering your protection tactics, and embracing threat intelligence to stay ahead of potential attackers.
There are quite a few reasons why organizations may not want to report on DDoS attacks. For instance, it could give a public perception of weakness for the organization, which could lead to an escalation of attacks. DDoS attacks are generally used as part of "stress" testing for servers, and if they report that the attack was successful in disrupting services, attackers could use that information to mark that organization as a viable target for future attacks. Additionally, there are no legal requirements to report such attacks, meaning most organizations may opt to handle the problems internally to avoid the consequences that could result from disclosure.
Thank you!
Sample Response
Hello,
Thank you for sharing such an insightful example! The DDoS attack on South Korea's Joint Chiefs of Staff is a strong reminder of the need for robust cybersecurity measures, especially amidst heightened geopolitical tensions involving North Korea and Russia. Another key piece of missing information is whether the organization performed a post-incident analysis to identify and address vulnerabilities exposed during the attack. Additionally, it would be valuable to know the scale of the attack, such as the traffic volume or duration, as this could provide insight into the attackers’ capabilities and intentions. Sharing more details about the countermeasures—such as traffic filtering or reliance on cloud-based mitigation—could also help other organizations enhance their defenses.
To prevent or mitigate DoS attacks, organizations can take several proactive steps. Implementing redundancy by distributing server resources across multiple locations can reduce the risk of single points of failure. Real-time traffic monitoring tools can detect and neutralize unusual patterns before they escalate. Rate limiting helps control excessive requests from individual users, while partnering with ISPs can block malicious traffic closer to its origin. Moreover, having a robust incident response plan, regularly tested through drills, ensures organizations can act swiftly and effectively. These measures, combined with international collaboration and information sharing, could significantly strengthen collective defenses against such threats. What are your thoughts on the potential benefits of increased transparency and cooperation between organizations in mitigating attacks like these?
Thanks.
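The response above mentions two of the mitigations most often paired together on a web front end: rate limiting per client and real-time monitoring for unusual traffic patterns. The following is an added example, not code from the course page or from the article the post cites, that shows both working together over a constructed access log. The IP addresses are from the RFC 5737 documentation ranges, the log format and every threshold (bucket size, refill rate, window, alert count) are made-up illustrations rather than recommended settings, and the `TokenBucket`, `TrafficMonitor` and `replay` names are this example's own.

```python
"""Added example (not from the course page or the article it cites): a per-client
token-bucket rate limiter and a sliding-window traffic monitor, replayed over a
constructed access log.  IP addresses come from the RFC 5737 documentation ranges
and every threshold below is a made-up illustration, not a recommended setting."""
from collections import Counter, defaultdict, deque


class TokenBucket:
    """Allow bursts up to `capacity`, then sustain `refill_rate` requests/second."""

    def __init__(self, capacity, refill_rate):
        self.capacity = capacity
        self.refill_rate = refill_rate
        self.tokens = float(capacity)
        self.last = None  # timestamp of the previous call for this client

    def allow(self, now):
        # Refill in proportion to the time elapsed since the last request, capped at capacity.
        if self.last is not None:
            self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.refill_rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False  # bucket empty: the request is dropped


class TrafficMonitor:
    """Alert the first time a source exceeds `threshold` requests within any `window` seconds."""

    def __init__(self, window, threshold):
        self.window = window
        self.threshold = threshold
        self.recent = defaultdict(deque)  # source -> timestamps still inside the window
        self.first_alert = {}             # source -> timestamp of its first alert

    def observe(self, source, now):
        q = self.recent[source]
        q.append(now)
        while q and q[0] < now - self.window:  # evict timestamps that fell out of the window
            q.popleft()
        if len(q) > self.threshold and source not in self.first_alert:
            self.first_alert[source] = now


def parse_line(line):
    """Parse the constructed log format '<epoch seconds> <source ip> <method> <path>'."""
    ts, src, method, path = line.split()
    return float(ts), src, method, path


def build_sample_log():
    """Constructed traffic: three ordinary clients plus one flooding source."""
    lines = []
    for t in range(10):  # one request per second each, for 10 seconds
        for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.12"):
            lines.append(f"{t:.3f} {ip} GET /index.html")
    for t in range(3, 8):  # 40 requests per second for 5 seconds from one source
        for k in range(40):
            lines.append(f"{t + k / 40:.3f} 203.0.113.7 GET /login")
    lines.sort(key=lambda l: float(l.split()[0]))  # replay in time order
    return lines


def replay(lines, capacity=5, refill_rate=2.0, window=5.0, threshold=50):
    """Run limiter and monitor over the log; return per-source counts and first-alert times."""
    buckets = defaultdict(lambda: TokenBucket(capacity, refill_rate))
    monitor = TrafficMonitor(window, threshold)
    allowed, dropped = Counter(), Counter()
    for line in lines:
        ts, src, _method, _path = parse_line(line)
        monitor.observe(src, ts)  # the monitor sees every request, including ones the limiter drops
        if buckets[src].allow(ts):
            allowed[src] += 1
        else:
            dropped[src] += 1
    return {"allowed": allowed, "dropped": dropped, "alerts": monitor.first_alert}


if __name__ == "__main__":
    result = replay(build_sample_log())
    for src in sorted(set(result["allowed"]) | set(result["dropped"])):
        print(f"{src:15} allowed={result['allowed'][src]:3} dropped={result['dropped'][src]:3}")
    for src, ts in result["alerts"].items():
        print(f"alert: {src} exceeded {50} requests in a {5.0}s window at t={ts:.3f}s")
```

Two design points carry over to real deployments. The monitor observes every request before the limiter decides, so a flood is detected and logged even while it is being dropped; a limiter that silently discards traffic without that record leaves the incident responders with nothing to analyze afterwards, which is exactly the post-incident gap the response above points out. Second, the limiter keys on the source address, which is appropriate at the edge for a single-source flood like the one in the sample but not sufficient for a distributed attack, where the per-source rate may look normal and the aggregate volume is what has to be watched.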