Best Practices for Preventing and Responding to Distributed Denial of Service (DDoS) Attacks
December 2016 • Podcast
In this podcast, CERT researcher Rachel Kartch provides an overview of DDoS attacks and best practices for mitigating and responding to them.
“Something that people will ask me is, How can I keep somebody from attacking me? The answer is, go off the internet. If you want to prevent somebody from trying to attack you, unplug your website and go home, and do not ever check your email, and do not worry about it...I will not say this is a solved problem, but the good news is that there are a lot of tools available so that people can protect themselves at least from being completely overwhelmed or protect themselves from being completely out of business.”
Software Engineering Institute
In November 2016, Internet users across the Eastern Seaboard of the United States had trouble accessing popular websites, such as Reddit, Netflix, and the New York Times. Known as the Dyn attack, the disruption was the result of multiple distributed denial of service (DDoS) attacks against a single organization: Dyn, a New Hampshire-based Internet infrastructure company. DDoS attacks can be extremely disruptive, and they are on the rise. The Verisign Distributed Denial of Service Trends Report states that DDoS attack activity increased 85 percent in each of the last two years, with 32 percent of those attacks in the fourth quarter of 2015 targeting IT services, cloud computing, and software-as-a-service companies.
About the Speaker
Rachel Kartch is a senior member of the technical staff and the Situational Awareness Analysis team lead in the SEI’s CERT Division. Her primary focus is on using real-world operational concerns to drive the development of new analytic techniques for network defenders. Prior to joining CERT in 2010, Kartch worked as a network engineer in private industry, in both service provider and large enterprise environments.