Security News > 2024 > March > FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert
The US government has recommended a series of steps that critical infrastructure operators should take to prevent distributed-denial-of-service attacks.
The joint guide, entitled Understanding and Responding to Distributed Denial-Of-Service Attacks [PDF], distinguishes between denial-of-service and DDoS attacks.
First up: volume-based attacks that aim to overwhelm a target with a massive amount of traffic, thus consuming all the available bandwidth so legitimate traffic can't access the website.
Second comes attacks that exploit vulnerabilities in network protocols, thus causing the website to malfunction or otherwise interfere with its performance.
The guide lists 15 best practices that organizations should put in place to protect against these attacks.
Plus, programs like employee training, incident response, and backup and recovery plans are always smart to have in place, and practice regularly, along with network redundancy to help maintain service availability in the event of a DDoS attack.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/03/21/fbi_ddos_advice/
Related news
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- Major shifts in identity, ransomware, and critical infrastructure threat trends (source)
- Web-based PLC malware: A new potential threat to critical infrastructure (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Strengthening critical infrastructure cybersecurity is a balancing act (source)
- US critical infrastructure cyberattack reporting rules inch closer to reality (source)
- Cyber attacks on critical infrastructure show advanced tactics and new capabilities (source)
- CISA investigates critical infrastructure breach after Sisense hack (source)