Until recently many of them

Rakhirandiseo · Post by **Rakhirandiseo** » Thu Feb 06, 2025 6:13 am

Features of protection of banking web applications and remote banking systems from DDoS attacks
Ramil Khantimirov, CEO and co-founder of StormWall | 02.11.2022
The changing information security risk landscape this spring requires more balanced approaches to countering the most pressing type of cyberattack.

The massive DDoS attacks on Russian Internet resources that began in late February forced many organizations to take a fresh look at this type of cyber risk. Many Russian companies, government agencies, and Internet projects were subjected to DDoS attacks that were unusually powerful in strength, duration, and scope. Banks were not left without the "attention" of attackers either.

Unfortunately, built protection of their Internet applications, including remote banking systems (RBS), from DDoS attacks "the old-fashioned way", only occasionally checking their watches with the current situation and not taking into account the current risks, and they are as follows. Firstly, serious DDoS impacts occur at all levels: network (L3), transport (L4) and at the application level (L7). Protection at individual levels may be clearly insufficient to protect banking Internet resources from all DDoS risks. And, secondly, the protection of Internet services of financial organizations has its own specifics: for it to be effective, in some cases it is necessary to use methods that do not involve disclosing private SSL keys.

The fact is that modern banking electronic products, including germany mobile database banking systems, are usually based on critical, complex, multi-component applications that provide many different services online. In addition, financial institutions are subject to strict requirements of the PCI DSS payment system standard. In terms of preventing DDoS risks, this means the need to protect the most critical services using methods that do not disclose private SSL keys - this way, applications that provide the exchange of confidential (including personal) data can be protected from DDoS attacks: banking, processing, etc.

To reveal the keys or not to reveal them?
There are two main ways to protect resources from DDoS attacks at the Internet application level (L7): with and without disclosure of private SSL keys. The disclosure method is more versatile - it provides high flexibility of protection and provides many more opportunities due to the fact that it allows you to embed interactive checks. For example, you can check whether the visitor's browser supports various functions - redirects (automatic redirection of users to another web page), JavaScript mechanisms, etc. In addition, disclosure of private keys simplifies the assessment of the legitimacy of the visitor and the decision to admit him to the protected Internet services.