Jul 11, 2012
Where's the 911 for DDoS?
Late last month, two members of the hacker group LulzSec pleaded guilty to launching distributed denial-of-service attacks against entities ranging from the state of Arizona to Nintendo to the CIA. Yet despite extensive media coverage, CISOs are still surprised when their companies get hit--they react to a common event as if it were an unforeseeable act of nature. Fortunately, a little planning, some extra vigilance and reinforcements from security experts can return DDoS attacks to the category of inconvenience instead of catastrophe.
Knowledge is power, particularly when it comes to network security, so before diving into mitigation methods and services, it's necessary to understand how DDoS attacks work and the groups most often behind them. Like every cybersecurity problem, DDoS technology has gotten more sophisticated and no longer relies only on abusing shortcomings in TCP/IP. Attackers have worked their way up the application stack and are increasingly focused on Web and database servers. This makes attacks both more effective and harder to detect.
In this report, we'll review the DDoS threat landscape, look at who's most at risk, discuss attacker motives, and outline common features of DDoS mitigation services and their pricing models. We'll also offer some tips on preparing for a DDoS attack and list some best practices to limit the damage should you find yourself on the receiving end of a concerted blitz without professional reinforcements. (S5290712)