The US Cybersecurity and Infrastructure Security Agency (CISA) today warned of ongoing Distributed Denial of Service (DDoS) attacks after US organizations across multiple industry sectors were affected.

All US organizations have been urged to take proactive steps to ensure their security teams are prepared to thwart or mitigate the effects of such attacks.

For example, network administrators must be prepared to quickly apply firewall rules or redirect incoming malicious traffic through DoS protection services to prevent attackers from disabling targeted portals or online services.

Alternatively, Internet Service Providers (ISPs) can also provide advice on the appropriate action to take in such circumstances.

“CISA is aware of open source reports of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against multiple organizations across multiple industries,” the cybersecurity agency said. said.

“These attacks can cost an organization time and money and can impose reputational costs as resources and services are inaccessible.”

CISA DDoS Warning

CISA, in conjunction with the FBI and MS-ISAC), provides guidance on what organizations should do before and after a DDoS attackincluding signing up for dedicated DDoS protection services that can redirect malicious traffic away from targeted assets.

It also provides additional recommendations to Federal Civilian Executive Agencies (FCEBs), advising them to take advantage of General Service Administration (GSA) tools such as the Managed Security Service (MSS) and Managed Trusted Internet Protocol Service (MTIPS) to counter the effects of DDoS attacks and restore the functioning of the impacted systems.

Wave of DDoS attacks claimed by Anonymous Sudan​

While the cybersecurity agency has yet to provide context, today’s warning comes after multiple DDoS attacks targeting private and government organizations saw their online portals taken offline in claimed incidents. by Anonymous Sudan, a threat actor tracked as Storm-1359 by Microsoft. researchers think it could be related to russia.

Since the start of the week, Anonymous Sudan claimed to have taken down the website (the US Treasury Department’s electronic federal tax payment system) and the US Department of Commerce website.

BleepingComputer confirmed that was down at the time of the attack claimed by the threatening group on its Telegram channel.

Today, they also claimed another DDoS attack that targeted Stripe’s dashboard to manage payments, refunds, and business operations.

Anonymous claims of attacks in Sudan
Anonymous claims of attacks in Sudan (BleepingComputer)

Earlier this month, Microsoft also confirmed several outages affecting its Outlook, OneDriveAnd Azure web portals resulting from DDoS attacks claimed at the time by Anonymous Sudan.

Since May, the group has targeted several other major organizations around the world, including Scandinavian Airlines (SAS), Tinder and Lyft, as well as various hospitals across the United States.

Source link