Anatomy of a DDoS Attack


This article has been written by Trey Guinn and is reprinted courtesy of Data Breach Today.

For years, organizations have been threatened by DDoS attacks on several fronts, ranging from volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks. Trey Guinn of CloudFlare discusses how to respond to each type of attack.

Ransom-based attacks are in the spotlight now, but Guinn – head of solution engineering at CloudFlare – has discovered an interesting disconnect.

“There are more attackers sending out ransom notes than are actually doing attacks,” Guinn says. “We have seen many of these ransom notes go out, but it’s clear in how [the attackers] receive payment that they have no way to determine who actually has paid the ransom. There is no expectation that there is … going to be an attack.”

The message to security leaders, then, is crystal clear, he says: “Never pay the ransom.”

In a discussion about matching DDoS defenses to DDoS attacks, Guinn talks about:

Types of DDoS attacks most predominant today;
How mitigation techniques must match the types of attacks;
How to respond specifically to ransom-based attacks.

Anatomy of a DDoS attack