DDoS Lessons Learned, and Staying Ahead of These Threats in 2016
The DDoS attack landscape of 2015 has brought a consistent spattering of headlines that further highlight the severity of this type of cyber-attack.
We’ve learned through the unfortunate tales of companies victimized by DDoS that the attacks themselves are becoming far more sophisticated.
Dealing with DDoS requires a proactive approach, one that identifies the malicious activity and mitigates the attack automatically.
Here is a five-step plan to eliminate the DDoS threat to your business in 2016:
Understand what your upstream provider or hoster will do if you become a DDoS target.
Does your provider offer premium DDoS protection services? Will they black-hole you if you become a target? If a neighboring hosted customer gets hit with a DDoS attack, are you at risk?
You must have a DDoS plan in place with your ISP or hoster so that the steps for mitigation are clear, SLAs are maintained, and your business is not impacted.
Don’t count on a traditional security infrastructure to stop a DDoS attack.
Your firewalls, IPS devices and load balancers are insufficient for defeating the DDoS attacks that are increasingly common today. Traditional solutions are not designed to handle diverse and increasingly sophisticated DDoS attacks. Firewalls can be easily overrun by DDoS, and IPS devices can’t handle the flood of traffic, causing them to fail into layer 2 fallback mode.
Don’t give in to DDoS ransom threats – you are simply fueling the fire.
The collateral damage associated with successful DDoS attacks can be exponential. When service providers lack proper protection mechanisms to defeat attacks in real time, the costs associated with the outages are wide ranging and the impact to downstream or co-located customers can be devastating. Further fueling this epidemic is the payout on these ransom-related threats. DDoS attack tools are easy to come by and perhaps even easier to use. This is an easy and anonymous recipe for anyone looking to make a quick buck, and the victims are proving this every day. Properly prepared organizations can stem this tide by refusing the ransom requests, secure in the knowledge that they are protected and can withstand the deluge of attack traffic.
Dark DDoS is a security threat more than an availability threat.
Security teams are faced with the pressure to do as much as possible to eliminate malware-driven data breaches. DDoS attacks are often perceived as an “external” issue with less-immediate consequences. However, attackers have found new ways to apply DDoS tactics and their ability to mask malware. As a result, we have identified a changing breed of threats that defenders cannot afford to misinterpret.
It is critical that security teams keep an eye on Dark DDoS – attacks that are executed as masking agents and smokescreens for greater breach activity.
Automatic DDoS defense ensures proper protection.
The Internet-connected business can eliminate DDoS threats, ransom-related or otherwise, with purpose-built DDoS protection solutions. Specifically, appliance-based network security products can be deployed at the Internet edge to defeat this problem before it enters the network. A first-line-of-defense approach prevents network and service outages due to DDoS attacks by inspecting traffic at line rate and blocking attacks automatically, in real time, while enabling complete and sophisticated visibility for actionable security intelligence related to DDoS attacks targeting Internet-facing services.