Page 110 - Cyber Defense eMagazine for June 2021
Double up on your Bandwidth
Since DDoS attacks aim to overwhelm your network with fake traffic, one logical solution is to create an
alternative network connection. In other words, contract with another ISP that can provide a second
network connection. It is possible to work with your alternate ISP to provide its services only under certain
conditions. This will help keep costs down while still protecting against attacks.
Invest in Effective Solutions
It isn’t enough to improve traditional security, such as patching servers or upgrading your antivirus
applications. It is more effective to implement at least some of the following solutions:
• Install physical DDoS mitigation devices: DDoS traffic is often unique and is therefore
somewhat difficult to identify properly. Physical devices are often very effective at protecting small
businesses from DDoS attacks because they can identify unique traffic. They can also work in
concert with web application firewall (WAF) implementations.
• Use a web application firewall (WAF): Usually, a WAF is good at thwarting traditional Denial of
Service (DoS) attacks. The primary difference between a DoS attack and a DDoS attack is that a
DoS attack targets a specific resource – usually a web server. But it is possible to use a WAF to
help defend against certain types of DDoS attacks.
• Use cloud scrubbing services: Often called scrubbing centers, these services are inserted
between the DDoS traffic and the victim network. They can then take traffic meant for a specific
network and route it to a different location. This different location is often called a “sinkhole,”
because it simply buries the offending traffic.
• Implement a content delivery network (CDN): Also called a content distribution network, this is
a group of geographically distributed proxy servers and networks. They are designed to provide
information, and even services, from your network in case your primary network goes down. Such
a network can work as a single unit to provide content quickly via multiple backbone and WAN
connections, thus distributing network load. The result is that if one network becomes flooded,
the CDN can deliver content from another, unaffected group of networks.
Create a DDoS Response Plan
Aside from hardware and software measures, you and your team also need to be prepared to act in case
a DDoS attack occurs. Make sure you go over each element of your infrastructure and identify weak
points and vulnerabilities when it comes to DDoS activity. Prepare processes, procedures, mitigation
strategies and alerting systems as part of a comprehensive DDoS response plan.
Large and small organizations alike should consider establishing a DDoS response team. This team can
be composed of organizational leaders, the company CEO or owner, public relations professionals and
members of the IT department. Ensure that roles are clearly defined, along with escalation procedures
and practical guidelines. If you manage to detect a DDoS attack before it does any damage, odds are
you will be able to prevent it altogether — provided you have the technology and training to do so.
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.