Who to call when hit by a DDoS attack
Posted on 26 April 2013.
Recent reports all point to the same fact: despite the different motives of the attackers, DDoS attack have become more frequent and more intense.


So what are businesses and organizations to do?

For one, you should have a plan ready to respond to such an attack even before it happens. You should know who to contact, what information to gather, what mitigation strategies to employ.

"If you find that your site or organization is under attack, it’s important that you report such attacks quickly to parties that are best positioned to help you mitigate, weather, and restore normal service," says Dave Piscitello, senior security technologist with the Internet Corporation for Assigned Names and Numbers (ICANN).

This primarily means your hosting or Internet service provider. Considering it is also in their best interest to stop the attack or at least mitigate its effect, the providers can directly contact their own “upstream” providers and the ISPs that route traffic from the DDoS attack sources and ask them to help.

In case your own provider is not answering your emails and messages, Piscitello advises contacting the national Computer Incident, Emergency, or Security Incident Response Team that should do it on your behalf.

There is no need to contact local law enforcement, except when you're absolutely sure the attack is criminal in nature (you received threats or blackmail notes asking for money to stop the attack).

When filing a report about the attack to your hosting provider or ISP, be sure to provide as much as information as you can gather.

The list should include: start and end times, observable attack patterns, traffic information (type of traffic, source and targeted IP addresses and port numbers, packet rate, packet size, and bandwidth consumed), unique traffic or packet characteristics, changes in the attack, its impact, and your suspicions about the motive of the attack.









Spotlight

51% of consumers share passwords

Posted on 20 August 2014.  |  The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //