In November 2016, Internet users across the Eastern Seaboard of the United States had trouble accessing popular websites, such as Reddit, Netflix, and the New York Times. Known as the Dyn attack, the disruption was the result of multiple distributed denial of service (DDoS) attacks against a single organization: Dyn, a New Hampshire-based Internet infrastructure company. DDoS attacks can be extremely disruptive, and they are on the rise. The Verisign Distributed Denial of Service Trends Report states that DDoS attack activity increased 85 percent in each of the last two years, with 32 percent of those attacks in the fourth quarter of 2015 targeting IT services, cloud computing, and software-as-a-service companies. In this podcast, CERT researcher Rachel Kartch provides an overview of DDoS attacks and best practices for mitigating and responding to them.
Rachel Kartch is a senior member of the technical staff and the Situational Awareness Analysis team lead in the SEI’s CERT Division. Her primary focus is on using real-world operational concerns to drive the development of new analytic techniques for network defenders. Prior to joining CERT in 2010, Kartch worked as a network engineer in private industry, in both service provider and large enterprise environments.