Home / Blogs

New Threats Demand a New Approach to DDoS Protection

Jim Pasquale

In the past 24 months, distributed denial of service (DDoS) attacks have changed profoundly. Gone are the days when attackers worked under the radar, when machines were infected by botnet code unknowingly and attacks were disguised leaving very little to trace the exact origin. Today, sophisticated attackers broadcast their aims to the world, mobilizing participants around socio-political causes. Their aim is to protest, not steal. Of course, if the website of a multinational bank is offline long enough, something has been robbed, be it revenues or public trust.

The other game-changer: It's easier than ever to execute attacks. The tools are so widely available that anyone with basic skills and a high-speed connection can become a "hacktivist." With protests of all kinds gaining momentum around the world, enterprises should be ready. It's time to forge a plan.

At Neustar we see three key elements to dedicated DDoS protection: people, process and technology.

People: Create a Team of Experts

It's vital to hire credentialed operational and engineering staff with proven experience in DDoS mitigation. Maintain your DDoS swat team as a separate unit practicing a highly specialized and recognized discipline. Be sure to nurture your talent and expertise and, above all, have a round-the-clock presence. Where I work, in the Neustar Security Operations Center, we mitigate attacks from all over the world 24x7.

Process: Document, Automate and Practice

Essential: alerts must be reviewed in real time, given threat assignments and classified per a standard guideline. With an established process, you'll be able to respond faster and more effectively. You'll also want to develop mitigation strategies to blunt the impact of DDoS on your company's services. And remember, if practice doesn't make perfect it beats the heck out of winging it, so run regular drills. Practice your response to different scenarios, so you can assess and fine-tune your incident handling. Your program should involve all stakeholders across the company and be sure to practice regularly — it's how you learn and improve your performance come game time!

Technology: Adapt it to Work for You

Seek-out purpose-built technology that allows some degree of customization to your environment. Whatever you choose, it should allow you to detect and mitigate DDoS attacks quickly. It's also a good idea to implement best practices that restrict all non-business-related traffic to your applications. Finally, deploy multi-layer defenses, giving you comprehensive protection from perimeter to application. (At Neustar, we built this into our DDoS mitigation service 'SiteProtect', knowing sophisticated attackers will probe every point of entry.)

Attacks Are a When, Not If

Of course, such a dedicated approach takes time, money and expertise. Many companies don't have enough of all three, so there's been a surge of interest in affordable, flexible third-party solutions. Our advice: as you do your homework, remember, the best defense is a good offense. With the right people, process and technology, you'll have a winning game plan.

By Jim Pasquale, Jim Pasquale, Sr. Manager, Network and Information Security, Neustar Inc.

Related topics: Cyberattack, Cybercrime, DDoS, DNS, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Dyn Acquires Internet Intelligence Company, Renesys

Tips to Address New FFIEC DDoS Requirements

Smokescreening: Data Theft Makes DDoS More Dangerous

Introducing getdns: a Modern, Extensible, Open Source API for the DNS

Why We Decided to Stop Offering Free Accounts

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Dyn Acquires Managed DNS Provider Nettica

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Joining Forces to Advance Protection Against Growing Diversity of DDoS Attacks

Why Managed DNS Means Secure DNS

Sponsored Topics