Our thoughts are with everyone across Europe, and the world, during these distressing times. Here are some general recommendations for our customers.
- Based initial analysis of the DDoS attacks that started against Ukrainian targets, the attacks are primarily DNS/UDP floods. For any customer of ours that does not have DDoS mitigations in place (e.g., via a service like Cloudflare, Akamai, or AWS Cloudfront), it is critical to stand that up for critical web services immediately. Having a firewall will not stop the volume of traffic we’re seeing via NetFlow analysis against Ukrainian targets.
- Blocking certain IPs will not stop all DDoS attacks. The attacks are coming from across the world, complicating their attribution and prohibition. DDoS protection via CDN, therefore, is critical.
- CDN detection is a signal in the SecurityScorecard platform. It is informational within the Network Security risk group factor.
- Any Ukraine-based company for the next 6 months can get entirely free access to SecurityScorecard’s enterprise license to protect themselves from ongoing cyber-attacks. We are also providing them free access to the SecurityScorecard digital forensics and incident response team to deal with ransomware issues or to recover from any outage. Simply email Ukraine@securityscorecard.io
For more information about your cybersecurity risk posture, and to get your free scorecard, go to www.securityscorecard.com/free-account.