DDoS Survival Guide

How to survive a DDoS attack

Distributed denial of service (DDoS) attacks can target any business with an Internet presence, so enterprises must take proactive steps to build a DDoS defense against all types of DDoS attacks. Site downtime from a DDoS attack can be costly in terms of lost revenue, customer dissatisfaction and IT time. Surviving a DDoS attack is possible but requires preparation.

When a DDoS attack hits, panic can prevail. Seconds count in DDoS mitigation: the faster mitigation is deployed, the shorter the site downtime. If there is no DDoS mitigation plan in place, several days of downtime can be expected.

Organizations that create a formal DDoS mitigation response plan are most successful in eliminating the panic around a DDoS attack. However, a DDoS defense plan on paper – or a promise from a DDoS mitigation vendor – is not a guarantee that the DDoS mitigation will work as expected. Unfortunately, the first real test of a company’s DDoS mitigation is when a distributed denial of service attack actually occurs. DDoS survival should not depend on an untested plan.

Best practices to survive a DDoS attack

Surviving a DDoS attack without an outage requires planning and coordination with your DDoS mitigation service. Steps in that coordination include:

  • With the DDoS mitigation service active, verify that all applications are performing properly.
  • Verify that all routing and DNS are working.
  • Generate a few gigabits of controlled traffic to validate the alerting, activation and mitigation features of the service.
  • Test small levels of traffic without scrubbing and without any DDoS protection to validate that your on-premises monitoring systems are functioning correctly. This action will also help you identify the stress points on your network.
  • Conduct baseline testing and calibrate systems to remediate vulnerabilities.
  • Schedule validation tests on a regular basis with your DDoS mitigation service provider.
  • Develop a DDoS mitigation playbook to ensure that everyone in the organization knows what to do and what to expect when a distributed denial of service (DDoS) attack hits.

Prepare for DDoS survival with a playbook

Winning sports teams don’t ad lib or panic on the field when the opposing team launches a surprise offensive play. They have a well-rehearsed playbook (also called a runbook) with defensive moves that have been developed based on expertise and experience. A similar type of playbook can be essential to a controlled, streamlined response to a DDoS attack.

IT management should talk to the DDoS mitigation services provider before an attack occurs. Ask questions and discuss all of the possible DDoS scenarios and threats that the company could experience.

Test and validate your DDoS monitoring and mitigation services: how they affect your network when activated, and how effective they are in defending against cyber-attacks. More importantly, a strong operational plan for smooth service activation and communication when under DDoS attack should be an integral part of an organization’s DDoS survival plan.

Regularly evaluate the capabilities of your DDoS mitigation service provider. The vendor must be able to serve many clients simultaneously – an important factor to consider as the occurrences of DDoS attacks escalate.

When everyone in the organization – not just IT – understands what is involved in surviving a DDoS attack, they will be able to respond with more confidence, control and calm, knowing they are part of a well-practiced plan. As a result, the DDoS mitigation process will go more smoothly, with minimized downtime and a faster return to business as usual.

You can survive a DDoS attack, but it requires planning and practice.
