In the online world there are numerous types of cybercrime, some types of cybercrime are more subtle than others. One example is DDoS attacks. Unlike malware or ransomware attacks, which use malicious software to cause harm, DDoS attacks use high volumes of seemingly normal traffic to overwhelm and crash your network. Because the traffic isn’t coming from a single suspicious source, this type of attack can be hard to identify and prevent.
How do you protect your school network from DDoS attacks? Here’s what you need to know.
The what and how of DDoS attacks
DDoS stands for ‘Distributed Denial-of-Service’. This cybercrime involves flooding your servers with vast amounts of fake internet traffic, which can crash your network or prevent ākonga and kaiako from accessing the resources they need online.
DDoS attacks are like an advanced version of a standard DoS (Denial-of-Service) attack. Where DoS attacks use one internet connection or device to bombard a network, DDoS attacks use thousands of connected devices, which means that the onslaught of traffic comes from multiple sources.
It’s like thousands of people trying to access your website or database simultaneously (like buying concert tickets, but that traffic is not fake or malicious) – and the outcome is similar. Your school or kura network could crash completely, or you might notice performance issues like slow loading speeds, difficulty logging in or accessing files, or your connection dropping out frequently. In some cases, DDoS attacks can make systems unusable for days or weeks, which could have a significant impact not only on your kaiako and ākonga, but also parents and the wider school community.
What’s driving DDoS attacks?
Malware, phishing and other cybercrimes tend to be focused on stealing data and making money. With DDoS attacks, the reasons behind the crimes aren’t always so clear.
Sometimes, attackers target large corporations or organisations to make a political statement or get back at a business they feel has wronged them. As an example, a disgruntled customer might want to damage a business’s reputation by making its site or services unreliable – which is illegal of course. There are also other DDoS attacks that are random, without a clear purpose or motivation.
While schools and kura are less likely to be targeted with a malicious or politically motivated DDoS attack, it’s always possible, so it’s essential to be prepared.
Identify, respond, mitigate
Cyber-protection tools like firewalls, web filtering and DNS protection use lists of known threats or content analysis to identify and block threats before they reach your network, but DDoS attacks are not quite so obvious. This is because the traffic that floods your network looks normal until it starts causing problems.
That’s why DDoS Protection is about responsiveness and mitigation rather than prevention. The technology works by continually scanning traffic on your network and then flagging any sudden surges or unusual patterns as soon as they occur. That’s when N4L’s security team can step in to respond and help fix things.
Responses include:
Scattering traffic
This involves using a network of outside servers to absorb the traffic from a DDoS attack. Spreading the load this way makes it more manageable and less likely to impact your school network.
Rate limiting
With rate limiting, you cap the number of requests your servers can accept, preventing much DDoS traffic from coming through. Of course, this approach also limits legitimate traffic and can cause slow-loading issues.
Black hole routing
With this last-resort approach, you divert traffic away from your network and into a digital ‘black hole’. While it will stop DDoS traffic from reaching your network, it also pushes legitimate traffic off your servers, which means everyone loses access to your school network for a period.
Fighting complex cybercrime
If your school or kura has a network set up through N4L, you already have our DDoS Protection. It’s a built-in part of your N4L connection and is one of the elements included as part of our Safe & Secure Internet service, which provides a baseline level of online protection.
Our DDoS Protection monitors for signs of an attack and will automatically swing into action when an attack occurs. The system will separate out the DDoS traffic and stop it from reaching your school, only allowing your normal traffic through. This ensures the school stays online without any network congestion. While it can’t eliminate the risk of an attack, it does help to minimise the effects and keep your network up and running. When your kaiako and ākonga rely on the internet for admin, teaching and learning, that’s crucial.
It’s all part of our commitment to safer, simpler, and more secure internet services for New Zealand schools and kura.
If you’d like to hear more from N4L, or see more blogs like this, why not subscribe?