Distributed denial-of-service attack defense
This Security School is a free multimedia learning guide designed to help you understand and address the strategic and tactical implications of this topic.
Distributed denial-of-service (DDoS) attacks are a problem for enterprises that is growing in scale and frequency. DDoS techniques are aimed at disrupting an enterprise's online presence by flooding it with requests, causing a crash that makes its systems, data and services inaccessible to legitimate users.
It might be alarming to know that it is impossible to prevent an attacker from applying DDoS techniques against a publicly available service -- but the good news is that there are ways to keep your enterprise's resources functioning during a DDoS attack, and also best practices and technologies to adopt for surviving the most recent types of attacks.
"All it takes is a laptop and a few dollars," says Michael Cobb in this video, referencing how easily a malicious actor can use services or hire attackers with knowledge of DDoS techniques. Cobb, CISSP-ISSAP, is the managing director of CobWebb Applications, a consultancy that helps companies better secure their data, and he is a renowned security author with more than 20 years of IT experience.
New DDoS techniques that enterprises should watch out for include attacks focused on poorly secured and unpatched Internet of Things plug-n-play devices and sparse address spaces in IPv6 networks that are vulnerable to traffic flooding. In this webcast, Cobb explains the best practices for preparing for and withstanding a DDoS attack, which begins with creating a well-tested response plan. Enterprises should run publicly available services run separately on dedicated servers. Cobb also covers the reinforcements enterprises should have in place, namely on-demand and always-on mitigation solutions that are able to failover.
In his discussion of DDOS mitigation techniques, Cobb walks through the key steps in that companies must touch upon during its recovery period and ends with a discussion of how network administrators and IT professionals can collectively work toward better security and DDoS mitigation.
Watch this video to learn more about the latest DDoS techniques and how your enterprise can best prepare for these attacks.