Security Threats and Controls for Mitigating DoS/DDoS Attacks
23/07/2024
By Graciela Martínez and Guillermo Cicilieo
DoS/DDoS (Denial of Service/Distributed Denial of Service) attacks are one of the most common concerns for ISPs. Due to their role in digital infrastructure, ISPs are attractive targets for cybercriminals who can attempt to compromise their network, disrupting their different services.
In this context, we conducted interviews with professionals from various organizations in Latin America and the Caribbean. Our goal was to understand their perspective and based on their experience, have an initial overview of the security threats they face and the extent to which they have implemented controls for their mitigation.
During this findings identification phase, we detected key aspects of the most common issues faced by ISPs.
More actions are necessary
According to the interviewees, all organizations recognize the importance of cybersecurity for protecting assets and ensuring business continuity, yet many acknowledge the need to continue working on implementing more actions. Indeed, there is an awareness that cybersecurity must be included in an organization’s roadmap as part of its strategy. However, it is often not considered a strategic objective and, instead, security activities are scattered across daily operations.
To deal with the challenges that are emerging in the digital landscape in organizations such as ISPs, it is essential to proactively protect the infrastructures that support the business and promote a safe and reliable online environment for all.
(Free access, no subscription required)
According to information provided by the experts we consulted, the main reasons for this management issue can be divided into the following aspects:
- Overdue updates. The lack of hardware, software, and firmware is a common threat. Failure to manage updates and patches represents a risk for organizations, as outdated systems are one of the main attack vectors exploited by cybercriminals.
- Lack of preparation among organizations’ security personnel and lack of awareness at the management level.
- Organizations’ internal lack of knowledge about threat detection. Only a third of the professionals surveyed, all of whom serve in administrative roles within their organizations, admitted to having a security incident reported in the last three months. This result might seem encouraging, but it shows significant under-reporting: the fact that a security incident has not been detected or reported does not mean that it has not occurred.
Most popular tools
The following graph shows the most well-known tools mentioned in the interviews. However, some organizations have not implemented these solutions due to their high cost.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of LACNIC.