The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a new warning as multiple organizations have suffered from distributed denial of service (DDoS) attacks recently.
The agency advises organizations to take immediate measures if an attack occurs, alerting IT staff so they can begin incident response procedures.
“Network administrators can also monitor network traffic to confirm the presence of an attack, identify the source, and mitigate the situation by applying firewall rules and possibly rerouting traffic through a DoS protection service,” the agency states.
“These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible,” the statement continues.
The agency has released free documentation to help organizations understand, detect, and mitigate the risks of DDoS attacks in the posted alert.
Anonymous Sudan targeting Microsoft Teams, Azure, Stripe, and U.S. Government Department Websites
CISA’s warning doesn’t provide any context on specific targets or attacks. However, companies such as Microsoft have dominated headlines as continuous barrages of malicious traffic have disrupted the availability of Teams, Azure cloud, and 365 applications (formerly Office). Anonymous Sudan and KillNet have claimed responsibility for the attacks, which Microsoft names Storm-1359.
Anonymous Sudan also successfully launched similar attacks against EFTPS.gov (U.S. Treasury Department’s Electronic Federal Tax Payment System) and the U.S. Commerce Department website.
Tinder, Lyft, Stripe, and various U.S. hospitals have also suffered attacks claimed by Anonymous Sudan.
