Preparing for denial-of-service attacks with Talos Incident Response

By Yuri Kramarz. 

Over the years, extortion-style and politically motivated denial-of-service attacks have increased, and they still pose a threat to businesses and organizations of any size, which can find themselves in the crosshairs of various malicious campaigns.

A detailed preparation plan is needed to handle attacks that can come in various forms and over different protocols, all aimed at grinding existing infrastructure to a halt.

Understanding potential effects ahead of an attack can lead to reduced response times, which in turn would benefit business operations. 

Executive Overview 

Over the last few years, the world has seen several attacks aimed at temporarily disabling the infrastructure of target companies or entire governments. These attacks, known as denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks, use multiple network resources such as botnets or compromised systems to produce a staggering amount of network traffic against the target environment, causing it to become unavailable.

To create such a disruption, adversaries use multiple resources to amplify the network traffic and conceal the identity of the attacker, thus complicating mitigation efforts. The end effect of a DoS or DDoS attack could vary from simply disrupting online services to taking entire commercial businesses offline. While nothing can change the nature of adversaries out there, and their
