How to Guides

Get started with Making a DDoS Response Plan!

Distributed denial of Service (DDoS) attacks are a very real threat. It’s imperative that businesses and organizations forego conventional, outdated firewalls that offer little protection against DDoS attacks. To this day, organizations and websites only get around to making a DDos Response Plan after already taking the brunt of an attack. This needs to change.

DDoS attacks and its dangers

The denial of a service attack essentially involves pummeling an IP address by bombarding it with large volumes of traffic. This traffic is perpetuated and malicious, while the legitimate traffic headed toward the website is unable to contact the website. The website is rendered useless. The service is denied. It’s to be reiterated, that’s just the denial of a service attack.

A distributed denial of service attack (DDoS) however, takes up a more aggressive form of attack. It is the same as a denial of service attack in its essence but the malicious traffic originates from several different sources, before converging at one unifying point. With these malicious sources of traffic emanating from different parts of the world they’re much harder to combat.

A DDoS attack can cripple a website or an organization, result in substantial financial losses and they’re on the rise. Compared to the same quarter of the past year in 2014, there has been a 117 % rise in DDoS attacks. That’s in the space of a year alone! In today’s cyber security landscape, that level of growth ought to set alarm bells ringing. Some of the prominent targets for DDoS attacks are :

  • Websites
  • Web Servers
  • Web Apps
  • VoIP (Voice over Internet Protocol) systems.
  • Email Servers
  • DNS Servers
  • Trading Platforms (Stock markets)
  • Gaming Servers (Playstation Network, XBOX Live)

Preparing your organization by making a DDoS response plan

A quick check-list includes:

  • Setting up a DDoS response team. Put together a team that will be well-trained and adept in responding to an attack when it occurs. This will help dispel confusion and chaos.
  • Develop a response plan. It’s important to delegate and determine everyone’s responsibilities after an attack occurs. Training drills beforehand will help improve efficiency and practice helps in minimizing the response time.
  • Make a risk assessment. Identify the assets of your organization that’s likely to be targeted for an attack. This is half the battle won.
  • Locate single points of entry. Find any vulnerabilities and fix them as you find them.

Technologies to consider

Crafting an effective DDoS plan has to include potential solutions that will help in combating such attacks as well. Such solutions in the form of software and technologies must involve:

  • Detection. Response times matter. With good detection capabilities, you’ll be made aware of an attack immediately.
  • Differentiation. An effective plan, even while at the receiving end of an attack should give you the ability to differentiate between malicious traffic in the form of bots and legitimate users trying to access your server or website.
  • An effective Web Application Firewall. To protect yourself from application-level threats, a WAF goes a long way in offering a safeguard.

Functioning through and after a DDoS attack

Being effective and functional during a DDoS attack could make or break your web servers. You are the defense. Organize your war room by getting the response team up and running immediately after being under attack. Clear communication is imperative. The discussing of ideas and solutions on the frontline could kill or limit the damages of a DDoS attack by tackling it as soon as an attack flares up.

Similarly, there have to be protocols that are planned ahead and set up to assess ransom notes or other threats that are levied after an attack. Morale is vital as well. Having the mental fortitude to stay calm and take a rational approach while addressing employees will help exude and spread confidence around the war room as well as your organization.

Once the dust has settled, a complete analysis of damages and changes that have occurred since the attack will provide valuable insight in trying to ensure future assaults are curbed before they happen.

Summary

Proactive planning and preparing a response time well in advance of any attacks is an essential part of ensuring your organization’s assets, privacy and finances are protected against malicious hackers, activists and even competitors playing dirty.

Leave a Comment