What to do if you are under a DDOS attack: a guide to act

By Sven H. Dummer

In today’s hyper-connected world, DDOS attacks (Distributed Denial-of Service) are no longer a rare incidents. Cybercriminals are increasingly using more sophisticated techniques to disturb companies, have the reputation of damage and to impair critical online services.

The missions have never been higher. So what should you do if you are attacked?

Here are seven important steps to react to a DDOS attack and to protect your organization from these growing threats.

The increasing threat from DDOS attacks

DDOS attacks occur when malicious players flood a network with traffic, overwhelm its resources and do not make its services available. These attacks are sometimes used for blackmail; This means that attackers demand a ransom to stop the flood of malicious traffic. In some cases, attackers use DDOS as a fog wall to start malicious activities such as data injuries or malware.

Although DDOS attacks have been around for years, they have recently grown both in size and in complexity. The number of large DDOS attacks between 2021 and 2023 was increased by almost 50%, and 2024 is on the right track to break this record again.

Today, DDOS, as service offers, facilitates every attacker to use these disruptive attacks. For many organizations, traditional reduction techniques are no longer sufficient to stop the flood.

7 steps that have to be taken during a DDOS attack

Here are seven important actions that you can take to alleviate the damage and secure your infrastructure.

1. Rate your risk and current immune system. Start with the evaluation of your current DDOS reduction functions. Are your existing defense enough to manage the size and scope of the attack? Use your DDOS reduction provider to evaluate the continued threat and to react quickly to weak points.
2. Check your critical IP rooms and subnets. Make sure that your most important network resources, including critical subnet and IP rooms, are protected by reduction controls. This will help limit the areas of their infrastructure that can be impaired by the attack.
3. Always activate DDOS security controls. Use still on security controls as the first level of defense. This proactive approach minimizes the burden on incident responder and reduces the risk of emergency integration scenarios during a crisis.
4. Implement an edge base cloud-firewall. Expand your defenses beyond traditional DDOS protection by providing an edge base cloud firewall. This additional security level blocks malicious traffic before it even reaches its network and reduces the load of its internal firewalls and systems.
5. Protect your DNS infrastructure. DNS attacks (Domain Name System) are a common and highly effective method for disturbing services. Use a robust DNS solution to protect against DNS-focused attacks and set a dynamic proxy to protect on site or hybrid DNS infrastructures.
6. Activate your incident reaction plan. Make sure that your incident reaction plan is current and activated. This plan should contain a crisis reaction team with clearly defined roles, communication channels and predefined strategies for reducing the attack. A well -taken game book is the key to react calm and efficiently during a crisis.
7. Expand your protection for application and API layers. Many DDOS attack target applications and APIs, which makes it important to secure these components.

Why the human element counts

Modern DDOS attacks can easily (and often) overwhelm DDOS defense technologies based exclusively on automated reduction. Smart hackers examine such automated defense mechanisms to identify and abuse mistakes and weaknesses. The development of DDOS threats no longer focuses on increasing the attack volume and the range, but on the sophistication of the attack methods and the refinement of tactics.

That is why it is crucial to combine platforms, people and processes. The human factor is of essential importance for the navigation of complex, developing attacks, in which automated systems alone may not be fully addressed.

DDOS attacks grow in size and sophistication, and no organization is immune. With the right defense strategy you can protect your network, your services and reputation.

The introduction of platforms that are designed for complete flexibility with the option to benefit constantly or on questions ensures that your data centers, the cloud infrastructure and the services organized on the Internet are also secure from the most demanding threats.

(The author is Sven H. Dummer, Global Director of Product Marketing and Sandep Rath, Senior Product Marketing Executive at Akamai, and the views expressed in this article are his own)