Want to learn more about our solutions, use cases and best practices for attack defense? In our download area you will find product sheets, fact sheets, white papers and case studies.
03
Distributed Reflection Denial of Service Attack (DRDoS)
A Distributed Reflection Denial of Service attack is a special form of DDoS. In this case, malicious requests do not originate from a botnet, for example, but from normal Internet services, making defense even trickier, since in the first step the system does not recognize a direct threat posed by these Internet services. Via IP spoofing (sending IP packets with forged IP sender addresses), attackers manipulate these services to direct traffic towards the target. This approach makes it possible to conceal attacks. DRDoS attacks take place, for instance, via DNS services, as DNS amplification attacks, in which massive amounts of data flood the victim.
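The reflection pattern described above has a recognizable signature on the victim side: DNS answers arrive from many resolvers although no matching query was ever sent. The following sketch is an added example, not part of the original page; the record layout, the thresholds and the function names `unsolicited_dns` and `reflection_suspected` are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed flow records, not real traffic; addresses are RFC 5737 documentation ranges.
# (time_s, src_ip, src_port, dst_ip, dst_port, size_bytes)
PACKETS = [
    (0.0, "192.0.2.10", 40000, "198.51.100.53", 53, 70),    # our own query
    (0.1, "198.51.100.53", 53, "192.0.2.10", 40000, 180),   # its answer
    (1.0, "203.0.113.5", 53, "192.0.2.10", 31337, 3000),    # answers nobody asked for
    (1.0, "203.0.113.6", 53, "192.0.2.10", 31337, 3000),
    (1.1, "203.0.113.7", 53, "192.0.2.10", 31337, 3000),
    (1.2, "203.0.113.5", 53, "192.0.2.10", 31337, 3000),
]

def unsolicited_dns(packets, local_ips, window=5.0):
    """Return {resolver_ip: (responses, bytes)} for DNS answers with no matching query."""
    pending = {}                          # (client, client_port, resolver) -> query time
    stats = defaultdict(lambda: [0, 0])   # resolver -> [responses, bytes]
    for ts, src, sport, dst, dport, size in sorted(packets):
        if src in local_ips and dport == 53:
            # Outbound query: remember who we asked and from which port.
            pending[(src, sport, dst)] = ts
        elif dst in local_ips and sport == 53:
            # Inbound answer: legitimate only if we asked this resolver recently.
            asked = pending.pop((dst, dport, src), None)
            if asked is None or ts - asked > window:
                stats[src][0] += 1
                stats[src][1] += size
    return {ip: tuple(counts) for ip, counts in stats.items()}

def reflection_suspected(stats, min_sources=3, min_bytes=10000):
    """Many distinct resolvers plus high unsolicited volume points to reflection."""
    total_bytes = sum(size for _, size in stats.values())
    return len(stats) >= min_sources and total_bytes >= min_bytes

if __name__ == "__main__":
    found = unsolicited_dns(PACKETS, {"192.0.2.10"})
    print(found, reflection_suspected(found))
```

Because the source addresses belong to ordinary resolvers, per-source blocklists alone do little here; the match against the victim's own outstanding queries is what separates reflected traffic from real answers.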
04
Who are the attackers?
The motives for carrying out a DDoS attack are as varied as they are vile: extortion, harming the competition, envy, or political protest. The goal, however, is always the same: causing the victim organization as much damage as possible. Who is behind the attacks?
Individual criminals or groups
Political activists
Competitors
Dissatisfied users/customers who want to make their displeasure more than clearly known
08
How can DDoS attacks be fended off?
In an age of large-scale networking, DDoS attacks are almost a daily occurrence. There is probably no company that does not encounter them in one way or another. To ensure that you are immune to such cyberattacks, it is advisable to rely on the expertise of experienced IT security service providers who know exactly how to deal with them.
DDoS protection solutions filter incoming traffic and thus differentiate between valid requests and malicious access. Companies that are frequently affected by DDoS attacks, or generally have a higher risk of damage, do well to leave their protection mechanism active in the long term—others only use the solutions when necessary to reduce effort and costs. Depending on the level of protection required, hardware appliances or cloud solutions can be used.
With the on-premise option, an appliance is installed in the company’s data center or in the backend of the provider. This appliance filters out a large part of the traffic, similar to what a specialized virus scanner does. The protection is immediate and does not require significant changes to the network. However, the on-premise option is not suitable for large volumetric attacks, as the upstream provider is quickly overloaded and the connection is saturated before the traffic ever reaches the appliance.
With the cloud variant, even large volumetric attacks can be fended off. Unlike an appliance, no additional hardware or software is required. The IT security service provider also handles configuration and operation. There are a variety of cloud-based DDoS protection services available for protecting websites and online services (layer 7) and for defending data centers (layers 3/4). Depending on requirements, cloud protection can be permanently enabled or switched on only on demand in the event of an attack.
09
Other tips for successfully fending off DDoS attacks
To minimize the risk of DDoS attacks and to be prepared for an emergency, the following points should be considered in advance:
"DDoS-Playbook"
Companies that have preemptively set up a “DDoS playbook” are strategically better able to handle an emergency. The playbook should include the names and details of the employees to be contacted in case of an attack. It is also helpful if the roles and responsibilities are precisely defined and documented. Particularly in a worst-case scenario, nothing should be left to chance. All of these details are intended to ensure that communication and operative capacity remain operational in the event of an attack, even if IT fails or specific processes are temporarily unavailable.
Monitoring
The defense of a network can never be overestimated. After all, the use of modern network technologies has increased and some industries can no longer be imagined without them. That’s why IT security should be an integral component of corporate strategy.
Benchmarking
To better identify ongoing attacks, a kind of benchmarking is also recommended. A number of companies still have no idea how high network utilization is in “normal” operation. This is why they are not immediately able to determine whether they are vulnerable to a DDoS attack—companies often mistakenly believe that they are safe because they are not very good at assessing the risks and do not know their own protection systems well enough. That’s why it is essential to closely monitor network traffic and set benchmarks to ensure that anomalies are correctly classified without delay.
Maintenance
Maintaining and permanently monitoring servers and network devices, including applying the patches released by manufacturers, must be a key component of an IT security concept and must also be evaluated as such.
Challenging
It is advisable to regularly evaluate the benchmarks set and to “call them into question” again and again. This is the only way to best protect the performance of the systems and other critical factors.
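The benchmarking and re-evaluation tips above can be combined in one rolling baseline: normal utilization is learned from recent samples, anomalies are flagged against it, and flagged samples are kept out of the baseline so that an ongoing attack does not become the new "normal". This is an added example, not part of the original page; the sample values, the function name `classify` and the parameters `window`, `k` and `warmup` are assumptions.

```python
from statistics import median

# Constructed utilization samples in Mbit/s, one per 5-minute interval (not real data).
SAMPLES = [100, 104, 98, 110, 102, 106, 101, 99, 108, 950, 1200, 1100, 103, 107]

def classify(samples, window=12, k=6.0, warmup=6):
    """Return [(value, is_anomaly)] using a rolling median + k * MAD threshold.

    The baseline holds only the last `window` samples that were judged normal,
    so it keeps being re-evaluated as traffic evolves but is never poisoned
    by attack traffic.
    """
    baseline, result = [], []
    for value in samples:
        anomalous = False
        if len(baseline) >= warmup:
            med = median(baseline)
            # Median absolute deviation: robust spread, falls back to 1.0 if flat.
            mad = median(abs(x - med) for x in baseline) or 1.0
            anomalous = value > med + k * mad
        result.append((value, anomalous))
        if not anomalous:
            baseline = (baseline + [value])[-window:]
    return result

def anomalies(samples, **kwargs):
    """Convenience wrapper: only the values flagged as anomalous."""
    return [v for v, flagged in classify(samples, **kwargs) if flagged]

if __name__ == "__main__":
    for value, flagged in classify(SAMPLES):
        print(f"{value:>5} Mbit/s  {'ANOMALY' if flagged else 'ok'}")
```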
Awareness
Increase security awareness: Greater security awareness is also required within the company, especially if it has a business-critical online presence or network infrastructure.
10
What you need to know about DDoS mitigation
Attackers employ DDoS attacks to bring the IT infrastructure of companies to its knees with massive amounts of fake server requests. To do this, cybercriminals use widely dispersed botnets as a weapon or misuse the DNS to intensify attacks. In many cases, DDoS attacks are accompanied by other concurrent attacks designed to infiltrate the system with malware or steal valuable corporate data.
Effective defense against such DDoS attacks requires professional protection solutions perfectly tailored to your own IT infrastructure and quickly available when needed. Only when these requirements are met can costly failures of online services and other digital processes be avoided.
DDoS protection filters incoming traffic and only forwards legitimate requests to web servers, protecting the underlying IT infrastructure from becoming overloaded and making it possible for conventional requests to still be processed as usual.
The Myra Security-as-a-Service platform gives companies in any sector a customized solution for protecting digital business processes. The fully automated technology analyzes incoming traffic in real time and filters out malicious data streams before virtual attacks do any real harm. Thanks to its cloud-based design, implementation of the protection solution is quick and easy, requiring no additional hardware or software.