Nov 12
2013

Five Strategies to Prevent a Distributed Denial of Service (DDoS) Attack

Posted by: Continuity Australia in DRJ Blogs

By Tony Shen, OpsCentre
Originally posted on OpsCentre's Blog

Distributed Denial of Service (DDoS) attacks are becoming an increasingly common and serious cyber security issue across many industries, in particular the banking and financial sectors.

In a DDoS attack, a botnet (usually referred to as a “zombie army”) bombards a server or a network with thousands of system requests sent from infected computers and internet connections, overloading the network with traffic and making it unavailable. So how do we prevent this from happening? Below are five strategies that can be used to prevent a DDoS attack.

One, improve network resilience by implementing connection redundancy and dedicated DDoS mitigation systems to isolate and remediate attacks. Consider deploying additional DNS and web servers to balance the CPU load from the incoming flood of requests, or use load balancing to bring critical services back up quickly.

Two, ensure your ISP's network connection to the internet has more than sufficient bandwidth to accommodate the increase in network traffic, normalise online availability and keep other services running.

Three, ensure your contract (SLA) with your ISP allows the flexibility to increase network bandwidth to the internet. In addition, ask what methods and network connection changes they will undertake to help your organisation survive a DDoS attack.

Four, segregate your network for different services, such as separating transactional services from your public-facing web server network. If an attack does occur, only a proportion of services will be affected and your critical services will remain operational. Ensure firewalls are configured to block malicious denial of service traffic and to handle large connection rates if a DDoS does occur.

Five, develop a Business Continuity & Disaster Recovery Plan that includes DDoS attack response and mitigation strategies, and procedures covering which pre-approved actions are to be carried out in the event of a DDoS attack. Testing and training of the response will assist recovery teams in implementing the best solutions at the time of the disaster.
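To make strategy four concrete, here is an added example (not from the original post) of connection-rate monitoring per network segment. It shows why a per-source threshold alone misses a botnet flood while an aggregate threshold catches it. The log format, segment names, thresholds and sample events are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict, deque

def detect_floods(events, window=10, per_source_limit=20, segment_limit=60):
    """Scan (timestamp_seconds, source_ip, segment) new-connection events.

    Returns {segment: findings}. A finding is ("source", ip) when one address
    exceeds per_source_limit inside the sliding window, or ("aggregate", None)
    when the segment as a whole exceeds segment_limit, which is the botnet
    case where no single source looks abnormal.
    """
    recent = defaultdict(deque)        # segment -> (ts, src) inside the window
    per_source = defaultdict(Counter)  # segment -> live count per source
    findings = defaultdict(set)
    for ts, src, segment in sorted(events):
        queue, counts = recent[segment], per_source[segment]
        queue.append((ts, src))
        counts[src] += 1
        # Expire events that have fallen out of the sliding window.
        while queue and queue[0][0] <= ts - window:
            _, old_src = queue.popleft()
            counts[old_src] -= 1
        if counts[src] > per_source_limit:
            findings[segment].add(("source", src))
        if len(queue) > segment_limit:
            findings[segment].add(("aggregate", None))
    return dict(findings)

def sample_events():
    """Constructed sample data; addresses are RFC 5737 documentation ranges."""
    events = []
    # 200 distinct sources, one connection each within 5 seconds (distributed).
    events += [(i * 0.025, f"198.51.100.{i + 1}", "public-web") for i in range(200)]
    # One noisy client: 30 connections in 3 seconds, well after the flood.
    events += [(100 + i * 0.1, "203.0.113.7", "public-web") for i in range(30)]
    # Segregated transactional network: steady 1 connection/second, 5 clients.
    events += [(float(i), f"192.0.2.{i % 5 + 1}", "transactional") for i in range(120)]
    return events

if __name__ == "__main__":
    for segment, found in detect_floods(sample_events()).items():
        print(segment, sorted(found, key=str))
```

Because the two segments are tracked separately, the flood on the public-facing segment produces no finding for the transactional segment, which mirrors the point of segregating them.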