The unfortunate truth is that EVERYONE is at risk. Sometimes people get attacked and they have no idea why! The source is often someone who doesn't like one’s business, perhaps a competitor or someone trying to extort money.
How important is intelligence gathering when it comes to mitigating the effects of a massive DDoS attack? What type of information are you looking for?
It is extremely important for the entire online community. Mitigating the attack only stops the attack from hurting one specific target, but if you can find the information that will lead to the C&C, this can be reported to several “white hat” groups who volunteer their time into dismantling these botnets so they cannot attack anyone else. It is also important to figure out who the attacker is, in the event that criminal prosecution can be pursued.
What are some of the lessons that you've learned when you mitigated large DDoS attacks impacting your clients?
I learned quickly that no attack is the same. There is no “one size fits all” device out there that will stop every attack. To be responsible, a person needs to have many different tools in his or her arsenal, sometimes used together along with some manual work, to stop some of the more intelligent attacks.
Never assume that you have seen an attack as big as it would ever get. But also, it is worth noting that size isn't everything. It can actually be the smaller attacks, the ones which look quite similar to normal traffic, which are the hardest to stop.
What advice would you give to organizations interested in getting DDoS protection? How can they make sure that they make the right choice when evaluating providers?
When evaluating any potential provider, look at their history. See how long they have been around and ask for some proof. Check there website for original content. There is smaller company out there who is decently known, but their entire site is plagiarized from different companies who sell DDoS mitigation devices. If they cannot write original text on their own site, then I really would not have too much faith in them protecting my interests as a client.
What are the advantages of using GigeNET DDoS protection? What makes you stand out from the competition?
Without a doubt, our best asset is our experience. We are tried and true. I began defending DoS attacks in 1998 when we used to run a shell server and attackers would DoS other people off of IRC chats.
Paul, our network engineer, started the first fully dedicated DDoS protection company in the late 90's and pioneered many of the methods of protection. We joined forces in 2005 and have been at the forefront of the industry ever since.