3 Reasons You Need DDoS Weapons Intelligence
April 5, 2019
In this third video of the DDoS Defenders Tips & Tricks installment, we discussed ways in which a DDoS defense system can block attacks. Here, Don Shin, Sr. Product Marketing Manager at A10 Networks, explains why you should use threat intelligence to mitigate DDoS attacks. DDoS attacks can be catastrophic, but the right knowledge and tactics can drastically improve your chances of avoiding and successfully mitigating attacks.
Transcription
Transcript
Welcome to A10’s DDoS defenders tips and tricks. In our last session, we discussed the goals of DDoS defenses and the three critical classes of strategies to implement in order to deflect DDoS attacks, while preventing collateral damage against legitimate users.
And in this session, we’re going to introduce you to the concept of actionable DDoS threat intelligence and its role in modern DDoS defenses. Because when you when it comes to DDoS, you may not know when the DDoS attack will come.
And you don’t know why or the motivation of the attackers or who the attacker is that’s instigating these DDoS attacks. But interestingly with DDoS is that you can know ahead where the DDoS attack will come from.
And this is because when in DDoS the first D, Is Distributed. And the distributed element, we’re able to see these malware infected DDoS-for-hire botnets that are repeatedly being used for DDoS attacks as well as the the millions of servers on the internet that can be exploited for reflective amplification attacks.
And with this knowledge, threat researchers collect forensics data, analyze forensics data, tap into networks, track botnet herders activity across the internet, as well as scan for footprints or signatures of DDoS weapons.
And with this knowledge, they create these voluminous lists of IP addresses of the DDoS weapons that are used repeatedly across the internet.
Now, the actionable portion of this comes in where we take that knowledge from the threat researchers and apply it into these large blacklists in order to create a proactive defense ahead of the DDoS attack and prevent those IP addresses from entering your environment and creating damage against your services and against legitimate users.
And so this strategy of applying threat intelligence becomes really critical, especially as the attackers are maturing and adding additional strategies around it. So we can use reputation as a mechanism for being able to do these DDoS defenses.
Now, threat intelligence by itself isn’t something that’s new. However, the action of the elements are what you can do based on the distributed nature of DDoS attacks is incredibly effective when it comes to DDoS defenses. So, to learn more about DDoS attacks, I hope that you will come back for future sessions of DDoS defenders tips and tricks.
Additional Resources
- Thunder TPS: DDoS Detection & Mitigation (Product Page)
- DDoS Protection (Solution Page)
- IDC Technology Spotlight: DDoS Defenses Enter the AI Era (Report)
- DDoS Attack Mitigation: A Threat Intelligence Report (Report)
- DDoS Weapons & Attack Vectors (Infographic)
- Expedite Proactive DDoS Protection Deployment Using A10 aGalaxy System (Deployment Guide)
- DDoS Defender’s Insights: How to Defend Against Reflected Amplification Attacks (Webinar)
- Staying Open for Business Against DDoS Attackers Requires More Than Just Blocking Traffic (Webinar)