Anonymous Sudan has over the past few days engaged in Distributed Denial of Service (DDoS) attacks against Kenyan infrastructure. The group has claimed to have attacked various websites belonging to Government organizations as well as public companies, leaving the sites inaccessible to users for a while.
A DDoS attack is a cyberattack in which the attacker floods a targeted network or service with internet traffic in an attempt to render the service inaccessible to its users. To carry out this malicious attack, an attacker utilizes multiple malware-infected devices, including compromised computers and IoT devices.
In their Telegram channel, Anonymous Sudan attributes the recent attacks to what they view as Kenya’s interference and meddling in Sudanese affairs. This comes after government figures from both camps have been engaging in a war of words. Anonymous Sudan posted, “Kenyan critical infrastructure has been targeted and will continue to be targeted to teach its arrogant government a lesson to not meddle in Sudanese internal affairs and what Sudan can do to it.”
The group has claimed it has targeted various online infrastructures across multiple sectors in the country. These range from telecom and various local universities’ websites to health organizations and government online services, including eCitizen. The group has further promised to target over 100 more “critical infrastructures” in Kenya.
At a time when there is an increase in the frequency and sophistication of cyber threats, cyber awareness and implementing appropriate cyber policies are key to ensuring you remain protected.
Identifying a DDoS attack
The most obvious indicator of a DDoS attack may be a service becoming slow or unavailable to users. However, other causes, such as a legitimate increase in traffic, can produce similar network performance issues.
The following signs may help indicate a DDoS attack:
- Odd traffic patterns.
- Suspicious amount of internet traffic originating from a single IP source.
- A flood of traffic requests to a single resource in a service.
- A surge in traffic originating from users sharing a similar online profile such as geolocation, system model and web version used.
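The signs listed above can be checked against a web server access log. The following Python sketch is an added example, not part of the original article: it assumes logs in the combined log format, and the thresholds (`min_requests`, `share`), the helper names and the sample log lines are all constructed for illustration.

```python
import re
from collections import Counter

# Combined log format: ip - - [time] "METHOD path HTTP/x" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def parse(lines):
    """Yield (ip, path, user_agent) for each well-formed line; skip the rest."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield m["ip"], m["path"], m["ua"]

def ddos_signs(lines, min_requests=20, share=0.5):
    """Return {sign: (value, fraction)} for every dimension in which one value
    accounts for more than `share` of the requests in this window of log lines.
    Both thresholds are assumed values and need tuning per site."""
    rows = list(parse(lines))
    findings = {}
    if len(rows) < min_requests:  # too little traffic to judge
        return findings
    dims = {"single_source_ip": 0, "single_resource": 1, "shared_client_profile": 2}
    for sign, idx in dims.items():
        value, count = Counter(r[idx] for r in rows).most_common(1)[0]
        if count / len(rows) > share:
            findings[sign] = (value, round(count / len(rows), 2))
    return findings

def make_line(ip, path, ua):
    """Build one constructed log line (documentation-range IPs, fixed timestamp)."""
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "-" "{ua}"'

# Constructed sample windows: ordinary browsing, then a many-source flood on one resource.
NORMAL = [make_line(f"198.51.100.{i}", f"/page{i % 5}", f"Browser/{i % 3}") for i in range(30)]
FLOOD = NORMAL[:10] + [make_line(f"203.0.113.{i}", "/login", "ExampleClient/1.0") for i in range(40)]

if __name__ == "__main__":
    print("normal:", ddos_signs(NORMAL))
    print("flood: ", ddos_signs(FLOOD))
```

In the flood window no single IP stands out, yet the shared resource and client profile still do. A finding here is only an indication: a legitimate traffic surge to one popular page can trip the same thresholds.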
Protecting Yourself from DDoS Attacks
It is important to have proper network security practices in place to help mitigate DDoS attacks. Attacks vary in complexity, so businesses and organizations should implement robust security measures to better protect themselves from this type of cyber threat.
Some of the network security practices you can implement include:
- Implementing rate limiting. This limits the number of requests a user can send to a server in a given time window.
- Network segmentation. This process separates a network into smaller sections with unique access and security controls.
- Using a web application firewall. This is an application that monitors and inspects all HTTP traffic to your site.
- Using trusted and reputable anti-malware and anti-virus software.
- Updating your applications and security software.