DDoS Testing – A Tool to Increase IT Security

A hot topic for IT professionals in Hungary this year is ensuring legal compliance of their IT systems. Financial organizations are targeted by the DORA regulation to improve operational resiliency and minimize cybersecurity threats, while organizations in the high-risk and critical-risk categories, including many industrial manufacturing companies, are covered by the NIS2 directive (and MK Regulation 7/2024), which has a similar objective. Both sectors are required, among other things, to apply risk management, to develop and regularly test protection mechanisms to ensure operational resilience, and to report incidents.

A common type of cybersecurity threat is the (distributed) denial of service (DDoS) attack, which, in addition to its primary technical consequence of making the attacked service unavailable, has obvious business consequences: financial loss from service disruption and loss of reputation.

It is intentional that the above-mentioned legislation requires not only the deployment of protection, but also its testing. Until it is tested, it is only a strong assumption that all IT security elements are in place and all settings are configured correctly. Attackers are also constantly developing their methods, so only real life, or better still testing, can turn this strong assumption into certainty.

DDoS protection capability is not only a question of whether the technical equipment and methods of protection are adequate. Especially in a large organization, it is at least as important that detection is sufficiently rapid, that staff are competent, and that processes and communication channels are in place to ensure immediate intervention. The managed DDoS testing provided by Verticum Networks can be used not only to test the specific technical defense capability, but also to assess the organization’s ability to respond.

DDoS testing is performed using a centrally managed, global (geographically configurable) network of bots. The bots send attack traffic, which can be tuned in both type and volume, from real IP addresses in legitimate networks.

Attack scenarios are run in a predefined manner based on a test plan approved by the customer. The parameters of the test scenarios are pre-configured, but can be modified on the fly if required. Testing is performed by our expert engineers, and the generation of attack traffic can be interrupted at any time, for example in case of unexpected side effects.

  • The tests reproduce the characteristics and patterns of real DDoS attacks, meeting the requirements for operational resilience testing.
  • The test methodology allows vulnerabilities in the defense to be identified and remediated in accordance with the risk management requirements of the legislation.
  • Detecting and adequately responding to DDoS attacks is a prerequisite for meeting incident management and reporting requirements. Testing can highlight potential weaknesses in tools and processes.
  • Testing can reveal potential bottlenecks at third-party service providers, either in the area of infrastructure (e.g. ISP, hosting) or managed DDoS protection services.
  • The test results can be fed back into both the technical toolkit of the protection and the operational and development processes.

Testing based on a detailed protocol shows whether the infrastructure or service is protected effectively enough, and brings the organization closer to legal compliance.