DDoS Attacks: The Right Mitigation TechniquesNetscout's Richard Hummel on Developing an Effective Plan
Far too many organizations lack a comprehensive plan for quickly mitigating a DDoS attack, says Richard Hummel, manager of threat research at Netscout, who calls for a layered approach. (See: Life After Webstresser Disruption: No DDoS Holiday)
Only about a third of organizations have a detailed plan in place to mitigate the DDoS threat, he says, and many organizations fail to rehearse their plans.
"You need to have a lot of different business best practices in place so that if you do get hit with a DDoS attack, you are ready to remediate that as it's happening. ... It's a layered approach that organizations need to take," he says in an interview with Information Security Media Group.
Although volumetric attacks tend to get more media coverage because of their size and scope, there's actually a mix of large-scale as well as more targeted multivector attacks, he notes.
Plus, attacks are originating from a wider variety of nations, he explains. For example, he notes, "now we are starting to see a lot of attacks coming out of China attacking international targets." (See: Ransomware Report: Is China Attribution Merely Hype?)
In this interview (see audio link below photo), Hummel also discusses:
- Whether voluminous DDoS attacks have become easier to mitigate?;
- How CISOs must prepare their organizations to cope with DDoS attacks;
- Why Asia is increasingly being targeted for attacks.
Hummel, threat intelligence manager for Netscout, has 10 years of experience in the intelligence field. Previously, he served as manager and principal analyst of FireEye iSIGHT Intelligence's financial gain team. He began his career as a signals intelligence analyst with the United States Army.