How DDoS Detection and Mitigation Can Fight Advanced Targeted Attacks

by John Pescatore
Sept. 1, 2017 SANS Institute threats/vulnerabilities

Distributed denial of service (DDoS) attacks continue to harm enterprises around the world. The obvious damage caused by DDoS attacks is bad enough, including headline-grabbing, multigigabit-per-second volumetric attacks that crash critical business and government systems. More insidious is the use of DDoS as a component of advanced targeted attacks.[1] Many of these attacks include DDoS components designed to stay beneath the network security radar, mimicking legitimate user traffic to escape detection. Protective security services start failing or, worse, are blocked altogether. During the confusion caused by the DDoS, the real infiltration takes place: malware and attacks infect web applications or dig deeper into the network.