Mitigating DDoS Attacks

Distributed denial-of-service (DDoS) attacks continue to increase in frequency. Cyber attackers accomplish a DDoS attack by sending so much web traffic at a target, often through use of a botnet, that the target is unable to function.

The Cybersecurity and Infrastructure Security Agency (CISA) recommends the following proactive steps to aid in reducing the effects of a DDoS attack:

  • Administrators should enroll in a denial-of-service (DoS) protection service that detects abnormal traffic flows and redirects traffic away from the network. The DoS traffic is filtered out, and clean traffic is passed on to the network.
  • Administrators should create a disaster recovery plan to ensure successful and efficient communication, mitigation, and recovery in the event of an attack.
  • Users and administrators should take steps to strengthen the security posture of all internet-connected devices to prevent them from being compromised.
    • Install and maintain antivirus software.
    • Install a firewall and configure it to restrict traffic coming into and leaving your computer.
    • Evaluate security settings and follow good security practices to minimize the access other people have to personal information, as well as to manage unwanted traffic.

Additionally, CISA encourages users and administrators to review the Multi-State Information Sharing and Analysis Center (MS-ISAC)’s Guide to DDoS Attacks and CISA’s Tip on Understanding Denial-of-Service Attacks for more information about how to defend networks against DDoS attacks.
