A DDoS (Distributed Denial of Service) attack is like a massive traffic jam on the internet. Instead of one car blocking the road, DDoS uses many computers to flood a website or online service with so much traffic that it crashes or becomes super slow. The goal isn’t to steal data, but to make the service unusable for everyone else.
Examples
- Online Store: Imagine a hacker directs a million fake customers to an online store at the same time. The store’s servers can’t handle all the requests and shut down. No real customers can get in to buy anything.
- Gaming Server: A rival gamer might use a DDoS attack to knock an opponent’s game server offline during a big tournament. All the players get kicked off and can’t continue the game.
Context
DDoS attacks are a common cyber threat that can affect anyone, from a small blog to a huge company. They often use a “botnet,” which is a network of hijacked computers (without the owners knowing) to launch the attack. Preventing and stopping these attacks is a key part of cybersecurity.
Relevant ISO 27001 Controls
The following controls from the ISO/IEC 27001:2022 standard are related to DDoS:
- ISO 27001:2022 Annex A 8.20 Network Security: This control is about having rules for information security on a network. It’s like setting up traffic rules to manage who can access your system.
- ISO 27001:2022 Annex A 8.21 Security of Network Services: This control sets the rules for network providers.
- ISO 27001:2022 Annex A 5.30 ICT Readiness For Business Continuity: This control is about having a plan to keep things running after a disaster, like a DDoS attack. It’s about being prepared to restore your services quickly.
