How South Africa will fight DDoS attacks in 2020

Internet service providers in South Africa have been targeted with an unusually high number of Distributed Denial of Service (DDoS) attacks in recent months.

These attacks caused major Internet outages across multiple ISPs, with the worst-affected including Cool Ideas, Afrihost, and Axxess.

A DDoS attack is a flood of garbage Internet traffic sent to servers, routers, and other computers on a network with the aim of making it impossible to communicate with them.

Under ordinary circumstances, generating 100Gbps or 300Gbps of traffic would require tremendous resources.

However, techniques such as DNS Amplification have made it easier and cheaper for attackers to generate large volumes of attack traffic than ever before.

When the target of such an attack is a web server or critical network infrastructure, such a DDoS attack causes an outage. Network providers have developed methods to mitigate such attacks, and so attackers have found new ways of launching effective assaults.

Blackhole routing

South Africa’s Internet Service Providers’ Association (ISPA) has said that in an attempt to mitigate the severity of DDoS attacks against local ISPs, administrators at South Africa’s Internet exchanges are creating a “blackhole” that will funnel identified DDoS traffic through the exchanges into oblivion.

“The South African Internet will be better protected against DDoS attacks during the course of 2020 as local ISPs peering at JINX, CINX and DINX begin directing malicious traffic down a defensive blackhole,” said ISPA co-chair Guy Halse.

A defensive blackhole has the potential to funnel away malicious traffic, although it can occasionally cause service interruptions if legitimate traffic falls within its parameters.

This is a very effective way to fight DDoS traffic, however, and could be very useful for ensuring that local ISPs do not suffer another major outage.

The organisation added that South African Internet consumers can also play a part in safeguarding the local web, as DDoS attacks require attackers to gain control of a network of connected devices.

“Being careful to always source apps from legitimate app stores while making sure to read the comments, permissions and terms & conditions of individual apps will help ensure users do not inadvertently download the malware that powers DDoS attacks,” Halse said.

“DDoS attacks are a clear threat to the entire South African Internet ecosystem and ISPA and its partners will continue to tackle this particular challenge with renewed vigour in 2020.”

Now read: Don’t fall for these Facebook hoaxes