• Financial Center
  • Innovation

Denial of Service: When a Tidal Wave of Data Crashes

Background 29 Nov 2021

Denial of Service: When a Tidal Wave of Data Crashes

Cybercriminals can easily generate enormous volumes of data aimed at causing a denial of service – paralyzing a company’s business operations on the internet. Read about what options are available to prevent this from happening.

What company doesn’t delight in having lots of user traffic on its website and lots of clicks on its product and service offerings? Sometimes, though, what lies behind that website activity isn’t customer demand or even a human being at all, but rather computers manned by cybercriminals.

What Is a DDoS attack?

Cybercriminals are often capable of generating several hundred gigabits of data per second (see illustration) for the purpose of overwhelming and ultimately disabling a website, server, or an entire network. In such an incident, a company’s customers can no longer access a specific service, which causes revenue losses. Cybersecurity experts call this a denial-of‑service (DoS) attack, which sometimes also involves a ransom demand.  

The Three Biggest DDoS Attacks in History (Peak Data Volume per Second)

The Three Biggest DDoS Attacks in History (Peak Data Volume per Second)

When cybercriminals harness a whole network of computers to orchestrate their assault – by infecting third-party devices with malware, for example – this is called a distributed denial-of-service (DDoS) attack. DDoS attacks occur very frequently on the internet because the tools that cybercriminals employ to launch them are cheap to acquire and easy to use.   

How Can I Protect Myself from DDoS Attacks?

DDoS attacks can be averted, for instance, by limiting the number of queries, filtering them according to specific criteria, interposing a cloud infrastructure, or by going offline altogether. Leaving the internet, of course, only works if the offering at hand isn’t public – like in B2B applications. SIX, for instance, puts private connections at its clients’ disposal for many services (e.g., Finance IPNet and point-to-point connections). Or alternatively, a novel technology, the Secure Swiss Finance Network (see box), is also now available to make connections even more resistant to cyberattacks.

SSFN: New Infrastructure Increases the Swiss Financial Center’s Cybersecurity

The Swiss National Bank and SIX rolled out the Secure Swiss Finance Network (SSFN) end of November 2021. This will further increase the Swiss financial center’s resistance to cyber threats such as DDoS attacks (see the article on the left page) and route hijacking, i.e., the “hostile” takeover of groups of IP addresses.

Segregated from the internet, the SSFN is a monitored and protected network that allows authorized participants operating in the Swiss financial industry to communicate securely with each other and with financial market infrastructures such as the SIC payment transaction settlement system run by SIX. It is based on SCION technology, which was developed at the Swiss Federal Institute of Technology in Zurich and is supplied by Anapaya Systems. SCION technology makes it possible to control which participants may use the communication network and which path data take when being transmitted from sender to receiver.

The rollout of the SSFN marks the first application of SCION technology beyond a point-to-point connection outside a university setting. Close collaboration with a consortium of three telecom service providers – Sunrise, Swisscom, and SWITCH – enables system redundancy. An outage at one provider is bridged within seconds. The SSFN will initially run in parallel with the existing communications network of SIX, which is very secure in its own right.

Here you can find more information on SSFN.

Do you like this content?

0
0
Did You Like This Post?

Become a subscriber of RED and always stay up to date.

Subscribe Now

Learn More