A massive DDoS attack in Belgium has targeted over 200 different organizations and offices within the European nation, also taking out some of the operational capacity of the country’s Belnet ISP.
The Center for Cybersecurity Belgium (CCB) cited changing tactics as part of the challenge of battling an attack presumably driven by some sort of botnet.
“We are fully aware of the impact on the organizations connected to our network and their users and we are aware that this has profoundly disrupted their functioning,” said Dirk Haex, technical director at Belnet.
The city of Brussels and various universities were among offices shuttered for a time to deal with this aggressive cyberattack.
Belnet has filed a complaint with the country’s Computer Crime Unit, a federal agency for preventing cybercrimes.
Officials call the act “unprecedented.”
“Belnet was founded in 1993. It is the first time that we have been confronted with such a gigantic data flow,” Haex said. “We cannot expect to know tomorrow who is behind it. It is a very complex analysis that has to be done.”
DDoS attacks represent a significant threat to public-facing systems, and have been a favorite method of hackers since the early days of the Internet. In a DDoS attack, hackers coordinate large numbers of either real or ersatz users to flood a server and compromise its functionality in real time.
In addition to various traffic-metering solutions, some heuristic filters have been effective in distinguishing botnet activity and remediating DDoS attacks. Officials also suggest that companies have a game plan for early detection and response.
“The best way to ensure that your organization reacts as quickly and effectively as possible to stop a DDoS attack is to create a playbook that documents in detail every step of a pre-planned response when an attack is detected,” writes Paul Rubens at Esecurityplanet. “This should include the actions detailed above, with contact names and telephone numbers of all those who may need to be brought into action as part of the playbook’s plan. DDoS mitigation companies can help with this by running a simulated DDoS attack, enabling you to develop and refine a rapid corporate procedure for reacting to a real attack.”