One of the tips often given to security experts for mitigating DDoS attacks is to think like a crook themselves. Imagine playing the DDoS game yourself, looking for the secret passage to break through, working out where the vulnerability is that you could squeeze through. In addition to the software and technology that are the frontline of DDoS, it’s also worth considering the strategy behind a successful mitigation approach. These five essentials might help you do just that:
- Accurate Detection – The first necessity for defending yourself against DDoS is to know when you are being attacked. The second is ensuring you have an effective defense ready to mount when needed.
- Expect the Worst – Network attacks, in part thanks to the rise of IoT bots, are getting bigger and bigger. According to ISS Source, the average size of attacks over 50 Gbps quadrupled over the past two years and is expected to continue to rise. Ensure that your site can absorb the right capacity for your user base. Service providers build large data centers and distribute traffic among them when possible. Network DDoS mitigation involves preparing a database of open DNS servers, or SNMP servers that have open “public” communities, and can step into the breach with added capacity if called upon.
- Block All Application Layer Bots – Be careful not to block good bots such as Bing or Google; however, ensure that your screening is precise and block all application layer bots. Even 50 excess page views per second can slow or crash your site.
- Continue to Let the Legitimate Traffic Through – You must attempt to let the legitimate traffic through even if you are under attack. Your users do not need to know, and do not care whether or not you are experiencing DDoS. Once hackers realize that their efforts are not being noticed, they are unlikely to come back.
- Listen to User Feedback, Including Grievances – One of the main reasons hackers conduct DDoS attacks is to diminish the reputation of the organization whose site is being hit, and to inconvenience their users. Provide your user base with the opportunity to safely vent their concerns or complaints about automated lockouts. Users will appreciate your transparency, and you will also gain insights into how well your anti-DDoS system is performing.
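
One way to screen application layer bots without blocking Bing or Google, as an added example that is not from the original article: a sliding-window rate check per client, with crawlers exempted only after forward-confirmed reverse DNS, since a User-Agent string is easy to spoof. The per-client limit of 50 page views per second, the function names, the sample traffic and the DNS table are assumptions constructed for the illustration.

```python
import socket
from collections import defaultdict, deque

# Reverse-DNS suffixes Google and Microsoft document for verifying their crawlers.
GOOD_BOT_SUFFIXES = {"googlebot": (".googlebot.com", ".google.com"),
                     "bingbot": (".search.msn.com",)}

def is_verified_crawler(ip, user_agent, rdns=None, fdns=None):
    """Forward-confirmed reverse DNS; a User-Agent claim alone proves nothing."""
    rdns = rdns or (lambda addr: socket.gethostbyaddr(addr)[0])
    fdns = fdns or (lambda host: socket.gethostbyname_ex(host)[2])
    for token, suffixes in GOOD_BOT_SUFFIXES.items():
        if token in user_agent.lower():
            try:
                host = rdns(ip).lower().rstrip(".")
                return host.endswith(suffixes) and ip in fdns(host)
            except OSError:  # no PTR record or lookup failure: unverified
                return False
    return False

def screen(requests, limit=50, window=1.0, rdns=None, fdns=None):
    """IPs to block: over `limit` hits per `window` seconds (assumed per-client
    threshold) and not a verified crawler. `requests` is sorted by timestamp."""
    recent, verdicts, blocked = defaultdict(deque), {}, set()
    for ts, ip, ua in requests:
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] >= window:  # drop hits older than the window
            q.popleft()
        if len(q) > limit and ip not in blocked:
            if (ip, ua) not in verdicts:  # resolve once per client, not per hit
                verdicts[(ip, ua)] = is_verified_crawler(ip, ua, rdns, fdns)
            if not verdicts[(ip, ua)]:
                blocked.add(ip)
    return blocked

# Constructed sample data: documentation-range IPs and a made-up DNS table.
PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com", "198.51.100.7": "host7.example.net"}
A = {"crawl-192-0-2-10.googlebot.com": ["192.0.2.10"], "host7.example.net": ["198.51.100.7"]}
GOOGLE_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"

def demo():
    burst = lambda ip, ua: [(i / 100, ip, ua) for i in range(80)]  # 80 hits in 0.8 s
    traffic = (burst("192.0.2.10", GOOGLE_UA)      # genuine crawler
               + burst("198.51.100.7", GOOGLE_UA)  # spoofed Googlebot User-Agent
               + [(i / 10, "203.0.113.9", "Mozilla/5.0") for i in range(8)])  # user
    return screen(sorted(traffic), rdns=lambda ip: PTR[ip], fdns=lambda h: A.get(h, []))
```

Only the client that claims to be Googlebot but fails the DNS check is returned for blocking; the genuine crawler and the ordinary user keep getting through.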