5 Tips for Defending Against DDoS Attacks

A blog that discusses the evolution and increasing sophistication of DDoS attacks, and the steps to take and tools to implement to help mitigate that threat.
November 23, 2022

The nature of DDoS attacks is constantly evolving, due in part to the technology used but also to the motivations of the attackers. Today’s distributed denial of service (DDoS) attacks are very different from those of only a few years ago. Originally, these cyber tsunamis were straightforward volumetric attacks on single victim IP addresses, intended to cause embarrassment and disruption. Now the motives behind DDoS attacks are increasingly unclear, the techniques are becoming ever more complex, and the frequency of attacks is growing exponentially. Even more serious, attacks can now be automated: attackers can switch profiles faster than any human or traditional DDoS security solution can respond.

The size, frequency and duration of modern DDoS attacks represent a serious threat to any organization connected to the internet. Minutes or even tens of seconds of downtime, or increased latency, could significantly impact a business. But there is some good news. Despite the increasing frequency of attacks, there are ways to mitigate the damage or the attack itself.

There are 5 dos and don’ts to help ensure that your business is protected from DDoS attacks.

  • Document your DDoS resiliency plan. A good resiliency plan breaks down into three components, all of which should be carefully documented, easy to locate, and kept up to date.
    • The technical competencies on staff, including emergency contact information and where and when they fit within the incident response team responsible for mitigating the attack and reducing the damage.
    • A crisis communication process to alert all key decision makers across the organization to ensure stakeholders are notified and consulted accordingly.
    • An operations plan that protects business continuity in the event of a DDoS attack, allowing the business to continue to operate, despite an active, ongoing threat or actual attack.
  • Recognize DDoS attack activity. Large, high-volume DDoS attacks are not the only form of DDoS activity. Short-duration, low-volume attacks are commonly launched by cybercriminals as a stress test, searching for vulnerabilities within your network. Understand your network traffic patterns and look to a managed service provider of DDoS mitigation services to help identify DDoS traffic in real time, with the ability to immediately remove both large volumetric and small resource attacks.
  • Don’t assume that only large-scale, volumetric attacks are the problem. DDoS attackers are getting more sophisticated; their objective is not only to render a website or network paralyzed, but possibly as a distraction to network or security staff, with the intent of disguising a more nefarious network infiltration. Such attacks typically are short duration (under 5 minutes) and low volume, meaning they could easily slip under the radar without mitigation by a traffic monitor, or even by legacy DDoS protection systems.
  • Don’t rely on traffic monitoring or thresholds. You may notice when network traffic spikes, but are you able to distinguish between good traffic and bad traffic? How do you respond to a spike? Could you block out only the bad traffic, or would your network resources be overwhelmed? Monitoring your traffic and setting threshold limits is not a form of protection, especially if you consider that small resource attacks often go unnoticed by threshold triggers.
  • Don’t rely on an IPS or firewall. Neither an intrusion prevention system (IPS) nor a firewall will protect you. Even firewalls that claim anti-DDoS capabilities built-in have very limited abilities to block attacks. Those firewalls often rely on the usage of indiscriminate thresholds and when the threshold limit is reached, every application and every user using that port gets blocked, causing an outage. It is also possible for attacks to simply flood your internet connection to the point that no amount of traffic blocking by the firewall will have any effect.
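
The point about thresholds missing short, low-volume attacks can be shown with a small detection sketch. This is an added example, not code from the original post: the traffic samples are constructed, and the 50,000 pps alarm level, 30-sample window and sensitivity `K` are assumptions chosen for illustration.

```python
from statistics import median

STATIC_THRESHOLD_PPS = 50_000   # assumed alarm level sized for volumetric floods
WINDOW = 30                     # trailing samples used as the baseline
K = 6.0                         # robust z-score needed to flag a sample

def build_samples():
    """Constructed data: 120 one-minute packets-per-second readings for one
    destination, with a 3-minute low-volume burst at minutes 80-82."""
    samples = [10_000 + 300 * ((i * 7) % 5 - 2) for i in range(120)]
    for i in (80, 81, 82):
        samples[i] = 18_000
    return samples

def static_alerts(samples, threshold=STATIC_THRESHOLD_PPS):
    """Indices a fixed threshold would alert on."""
    return [i for i, pps in enumerate(samples) if pps > threshold]

def baseline_alerts(samples, window=WINDOW, k=K):
    """Indices deviating from a trailing median by more than k robust sigmas.
    Flagged samples are kept out of the baseline so a burst cannot raise it."""
    history, alerts = [], []
    for i, pps in enumerate(samples):
        if len(history) >= window:
            recent = history[-window:]
            med = median(recent)
            mad = median(abs(x - med) for x in recent)
            sigma = max(1.4826 * mad, 1.0)  # floor avoids divide-by-zero on flat traffic
            if (pps - med) / sigma > k:
                alerts.append(i)
                continue
        history.append(pps)
    return alerts

def group_bursts(alerts):
    """Collapse consecutive alert indices into (start, length_in_minutes)."""
    bursts = []
    for i in alerts:
        if bursts and i == bursts[-1][0] + bursts[-1][1]:
            bursts[-1] = (bursts[-1][0], bursts[-1][1] + 1)
        else:
            bursts.append((i, 1))
    return bursts

if __name__ == "__main__":
    data = build_samples()
    print("static threshold alerts:", static_alerts(data))
    print("baseline bursts:", group_bursts(baseline_alerts(data)))
```

On this data the fixed threshold never fires, while the baseline comparison reports a single three-minute burst. Detection of this kind only identifies the anomaly; removing the traffic still requires mitigation capacity upstream.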

The best defense is a good offense. Real, proactive DDoS protection is best provided by a tier 1 ISP network with large-capacity interfaces and the ability to detect and mitigate DDoS attacks at scale. As your resiliency plan takes shape, spend time researching full-service providers with Tier one.

As you develop your resiliency and Defense-in-Depth strategy, be sure to include DDoS protection. When every second counts, time-to-mitigation must be a critical factor in your decision-making process, and an always-on solution capable of defending against even the largest of attacks provides you the best defense. With always-on DDoS protection, you can be assured that "bad" traffic will be blocked, letting legitimate traffic and your business keep operating. Look to a Managed Security Service Provider that is backed by security experts and best-in-breed DDoS technology, offering unlimited clean traffic for any size network along with alerting, reporting and visibility of the service through self-service tools.
