Good practices in countering DDoS attacks
The Polish Financial Supervision Authority (KNF) has published a guideline on good practices in counteracting DDoS attacks. KNF recommends that each entity operating on the financial market (e.g. a small payment institution, domestic payment institution, or electronic money institution) conduct a risk analysis covering DDoS attacks on its IT infrastructure and, based on the results of that analysis, choose appropriate tools, technical solutions, or an optimal model of Internet access architecture to protect against such attacks.
What are DDoS attacks
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are common types of cybercrime. According to the KNF (the Polish FSA), DDoS attacks can be characterized as actions that cause the temporary unavailability of an organization’s electronic communication systems and services. Although DDoS attacks directly target the availability attribute, they can also affect the integrity and confidentiality of data, creating a high risk of data loss for the organization.
The KNF’s guide to best practices is available at the following link.
The impact of DDoS attacks on payment service providers
As indicated in the KNF’s statement of good practices, unavailability of the service caused by DDoS attacks may lead to a number of significant risks on the part of the organization, such as:
- significant financial losses resulting from the interruption of business operations, and consequently claims from customers and external suppliers or recipients of services,
- reputational losses resulting from the temporary inability to provide services to business and individual clients,
- violation of legal regulations.
DDoS attack data
According to statistics in the 2019 ENISA report:
- the total number of DDoS attacks in Q3 2019 (compared to the same period of 2018) increased by 241%,
- 79.7% of all DDoS attacks were SYN-Floods,
- 86% of mitigated attacks in Q3 2019 used more than two vectors,
- 84% of DDoS attacks lasted less than 10 minutes.
The Polish regulator (KNF) recommends that organizations introduce automated mechanisms for emergency situations, in particular predefined action scenarios that, once an attack threatening the continuity of the organization’s operations is detected, allow protection mechanisms to be activated immediately.
Automated processes such as changing BGP prefix attributes, implementing additional mechanisms that protect the hardware resources of network devices and servers (control-plane policing), or, in extreme cases, disabling the Internet connection targeted by the attack can significantly shorten the organization’s response time to the attack.
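The detect-then-act automation the guideline describes can be sketched in code. The following is an added example, not code from the KNF guideline or from the law firm: it aggregates constructed flow records per destination over a short window (the ENISA figure that 84% of attacks last under 10 minutes is why the window is seconds, not minutes), flags a SYN flood when both the SYN rate and the SYN-to-ACK ratio exceed thresholds, and produces an escalating response plan of the three kinds named above (control-plane policing, a BGP diversion to scrubbing, and, as a last resort, blackholing the attacked address). All thresholds, host addresses, and BGP communities are hypothetical placeholders for an organization's own runbook.

```python
"""Added example: automated SYN-flood detection and an escalating response plan.

Thresholds, hosts, and BGP communities are hypothetical; the flow records are
constructed sample data (documentation address ranges), not real traffic.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    ts: float      # seconds since window start
    src: str       # source IP
    dst: str       # protected host
    dport: int     # destination port
    flags: str     # TCP flags seen in the flow: "S" = SYN only, "A" = ACK, "SA" = SYN-ACK
    packets: int   # packets in the flow


# Constructed sample flows: 200 sources each send 100 SYNs to 10.0.0.5:443 within 10 s
# with almost no completed handshakes, while 10.0.0.9 sees ordinary balanced traffic.
SAMPLE_FLOWS = (
    [Flow(i * 0.05, f"203.0.113.{i}", "10.0.0.5", 443, "S", 100) for i in range(200)]
    + [Flow(float(i), "198.51.100.7", "10.0.0.5", 443, "A", 5) for i in range(10)]
    + [Flow(float(i), "198.51.100.20", "10.0.0.9", 443, "S", 3) for i in range(10)]
    + [Flow(float(i), "198.51.100.20", "10.0.0.9", 443, "A", 3) for i in range(10)]
)

SYN_PPS_THRESHOLD = 1000.0   # hypothetical: SYN packets per second per destination
SYN_TO_ACK_RATIO = 3.0       # hypothetical: SYNs per ACK before traffic is treated as a flood


def syn_stats(flows, window_start=0.0, window_len=10.0):
    """Aggregate SYN and ACK packet counts, plus distinct SYN sources, per destination."""
    per_dst = defaultdict(lambda: {"syn": 0, "ack": 0, "srcs": set()})
    for f in flows:
        if not (window_start <= f.ts < window_start + window_len):
            continue
        entry = per_dst[f.dst]
        if f.flags == "S":
            entry["syn"] += f.packets
            entry["srcs"].add(f.src)
        elif "A" in f.flags:
            entry["ack"] += f.packets
    return per_dst


def detect_syn_flood(flows, window_start=0.0, window_len=10.0):
    """Return one alert per destination whose SYN rate and SYN:ACK ratio both exceed the thresholds."""
    alerts = []
    for dst, s in syn_stats(flows, window_start, window_len).items():
        syn_pps = s["syn"] / window_len
        ratio = s["syn"] / max(s["ack"], 1)   # avoid division by zero when no ACKs were seen
        if syn_pps >= SYN_PPS_THRESHOLD and ratio >= SYN_TO_ACK_RATIO:
            alerts.append({"dst": dst, "syn_pps": syn_pps, "ratio": ratio,
                           "distinct_sources": len(s["srcs"])})
    return alerts


def plan_response(alert, critical_hosts, scrubbing_community="65000:1000",
                  blackhole_community="65000:666"):
    """Pre-approved actions for one alert, in the order they should be applied.

    Always start with control-plane protection; divert to scrubbing when the rate is
    clearly abnormal; blackhole (the "extreme case" of cutting the connection) only for
    very large floods and never for hosts the organization has marked critical.
    The communities are placeholders, not a real provider's values.
    """
    actions = [{"action": "copp_rate_limit", "target": alert["dst"],
                "detail": "apply control-plane policing / SYN rate limit on edge devices"}]
    severity = alert["syn_pps"] / SYN_PPS_THRESHOLD
    if severity >= 2.0:
        actions.append({"action": "bgp_divert", "target": f"{alert['dst']}/32",
                        "detail": f"announce with community {scrubbing_community} to route via scrubbing"})
    if severity >= 10.0 and alert["dst"] not in critical_hosts:
        actions.append({"action": "bgp_blackhole", "target": f"{alert['dst']}/32",
                        "detail": f"announce with community {blackhole_community}; host unreachable until withdrawn"})
    return actions


if __name__ == "__main__":
    for alert in detect_syn_flood(SAMPLE_FLOWS):
        print(alert)
        for step in plan_response(alert, critical_hosts={"10.0.0.5"}):
            print("  ", step["action"], step["target"], "-", step["detail"])
```

On the sample data only 10.0.0.5 is flagged (2000 SYN/s, 400 SYNs per ACK, 200 distinct sources), and because it is listed as a critical host the plan stops at diversion rather than blackholing it. In a real deployment the flow records would come from NetFlow/IPFIX or a firewall, and each action would map to a change that the organization has tested and pre-approved in its runbook, since the point of the automation is that nobody has to improvise while the attack is under way.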
Questions or concerns – contact our law firm
Should you have any questions or doubts, we encourage you to contact our Fintech Law Firm in Poland. Our lawyers from the payment services team will be happy to answer your questions. Inquiries can be directed to: [email protected]