Home / Blogs

New Threats Demand a New Approach to DDoS Protection

In the past 24 months, distributed denial of service (DDoS) attacks have changed profoundly. Gone are the days when attackers worked under the radar, when machines were infected by botnet code unknowingly and attacks were disguised leaving very little to trace the exact origin. Today, sophisticated attackers broadcast their aims to the world, mobilizing participants around socio-political causes. Their aim is to protest, not steal. Of course, if the website of a multinational bank is offline long enough, something has been robbed, be it revenues or public trust.

The other game-changer: It’s easier than ever to execute attacks. The tools are so widely available that anyone with basic skills and a high-speed connection can become a “hacktivist.” With protests of all kinds gaining momentum around the world, enterprises should be ready. It’s time to forge a plan.

At Neustar we see three key elements to dedicated DDoS protection: people, process and technology.

People: Create a Team of Experts

It’s vital to hire credentialed operational and engineering staff with proven experience in DDoS mitigation. Maintain your DDoS swat team as a separate unit practicing a highly specialized and recognized discipline. Be sure to nurture your talent and expertise and, above all, have a round-the-clock presence. Where I work, in the Neustar Security Operations Center, we mitigate attacks from all over the world 24x7.

Process: Document, Automate and Practice

Essential: alerts must be reviewed in real time, given threat assignments and classified per a standard guideline. With an established process, you’ll be able to respond faster and more effectively. You’ll also want to develop mitigation strategies to blunt the impact of DDoS on your company’s services. And remember, if practice doesn’t make perfect it beats the heck out of winging it, so run regular drills. Practice your response to different scenarios, so you can assess and fine-tune your incident handling. Your program should involve all stakeholders across the company and be sure to practice regularly—it’s how you learn and improve your performance come game time!

Technology: Adapt it to Work for You

Seek-out purpose-built technology that allows some degree of customization to your environment. Whatever you choose, it should allow you to detect and mitigate DDoS attacks quickly. It’s also a good idea to implement best practices that restrict all non-business-related traffic to your applications. Finally, deploy multi-layer defenses, giving you comprehensive protection from perimeter to application. (At Neustar, we built this into our DDoS mitigation service ‘SiteProtect’, knowing sophisticated attackers will probe every point of entry.)

Attacks Are a When, Not If

Of course, such a dedicated approach takes time, money and expertise. Many companies don’t have enough of all three, so there’s been a surge of interest in affordable, flexible third-party solutions. Our advice: as you do your homework, remember, the best defense is a good offense. With the right people, process and technology, you’ll have a winning game plan.

By Jim Pasquale, Jim Pasquale, Sr. Manager, Network and Information Security, Neustar Inc.

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC


Sponsored byDNIB.com