5 Best Practices for Mitigating DDoS Attacks

For organisations, a distributed denial-of-service (DDoS) attack is one of the dangerous threats they’ll face. While DDoS attacks take different forms, the goal is typically to incapacitate targeted servers or networks by flooding them with traffic from compromised devices or networks. Not only do these attacks severely interrupt services, they also carry a significant cost to organisations. The average DDoS attack costs enterprise businesses around $2m and costs small and medium-sized businesses around $120,000.


Attackers often use DDoS attacks to extort businesses, much as they do with ransomware. Indeed, DDoS has been paired with ransomware for a long time. Here, cyber-criminals flood a victim’s servers and networks with requests, crippling their operations, and then demand money to end the attack. A survey of 313 cybersecurity professionals carried out this year by the Neustar International Security Council (NISC) found that nearly half (44%) of organisations have been targeted by, or fallen victim to, a ransom-related distributed denial-of-service (RDDoS) attack in the past 12 months.


Given the danger posed by DDoS attacks, especially ransom-related DDoS attacks, security teams often find themselves in a state of consternation. Fortunately, there are best practices to mitigate such attacks. Here are five examples of best practices organisations should adopt:


Design a Robust Architecture

It is crucial to ensure that your IT infrastructure doesn’t have any single points of failure that a cyber-attacker could exploit. This could mean ensuring that data servers sit on different networks and paths, locating servers in separate data centers in different geographical locations, and using a diversity of service providers.


Use Cloud-Based Hosting From Major Providers

Closely related to designing a robust architecture, cloud-based hosting typically uses multiple servers to store files. If one of those servers goes down because of a DDoS attack, the other servers can take over, ensuring you don’t experience any downtime because resources are shared across multiple servers. When deciding on a hosting provider, consider whether the provider hosts websites through major providers or on its own servers.


Have a DDoS Response Plan

What will your business do if and when a DDoS attack happens? What are the notification and escalation procedures? By ensuring you have a plan in place, you’ll be able to respond promptly and effectively when attackers target your network. The challenge here is that the more complicated the infrastructure, the more intricate your DDoS plan will have to be.


Have a Static Version of Your Website

Having a static version of your website can help remediate DDoS attacks, since you will have a place to send the traffic if the website does go down. A static version of your website requires significantly less processing power and bandwidth, which lowers some of the load on your company’s servers.


Incorporate AI Into Your Security Stack

Given the scale and speed at which attackers launch DDoS attacks, humans are just not effective responders. Security systems that leverage artificial intelligence (AI) can learn what “normal” looks like for a business. AI can even respond to a DDoS attack: when an “abnormal” uptick in traffic occurs, AI can analyse the traffic and block access from suspicious locations, to enforce the “normal.”
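
The learn-then-enforce loop described above can be sketched with a plain statistical baseline standing in for a learned model. This is an added example, not code from the article or from any product; the function names, the thresholds `K` and `MIN_SIGMA`, and the sample traffic are all assumptions made for illustration.

```python
from statistics import mean, pstdev

K = 3.0           # assumed sensitivity: standard deviations above the learned mean
MIN_SIGMA = 5.0   # assumed floor so low-volume locations do not trip on small changes
TOTAL = "_total"  # key used here for the all-locations aggregate

def _stats(counts):
    return mean(counts), max(pstdev(counts), MIN_SIGMA)

def learn_baseline(windows):
    """Learn (mean, stddev) of requests per window, per location and overall."""
    locations = {loc for w in windows for loc in w}
    baseline = {loc: _stats([w.get(loc, 0) for w in windows]) for loc in locations}
    baseline[TOTAL] = _stats([sum(w.values()) for w in windows])
    return baseline

def limit(baseline, key):
    """Highest count still treated as normal; unseen locations get a zero mean."""
    mu, sigma = baseline.get(key, (0.0, MIN_SIGMA))
    return mu + K * sigma

def evaluate(window, baseline):
    """Return (abnormal, locations_to_block) for one window of traffic."""
    if sum(window.values()) <= limit(baseline, TOTAL):
        return False, []
    over = [loc for loc, n in window.items() if n > limit(baseline, loc)]
    return True, sorted(over)

# Constructed sample data: requests per one-minute window, keyed by source location.
NORMAL_WINDOWS = [
    {"GB": 100, "DE": 40, "US": 60},
    {"GB": 110, "DE": 35, "US": 55},
    {"GB": 95, "DE": 45, "US": 65},
    {"GB": 105, "DE": 38, "US": 58},
]
# Constructed surge: usual locations stay in range, two unseen ones ("XA", "XB") spike.
SURGE_WINDOW = {"GB": 108, "DE": 41, "US": 62, "XA": 4000, "XB": 2500}

if __name__ == "__main__":
    baseline = learn_baseline(NORMAL_WINDOWS)
    abnormal, block = evaluate(SURGE_WINDOW, baseline)
    print("abnormal:", abnormal, "block:", block)
```

A legitimate surge, such as a sale or press coverage, also exceeds a learned baseline, so the block list is best treated as a proposal that the response plan's escalation path can review or override.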