5. Fight application-layer attacks in-line
Attacks on specific applications are generally stealthy, much lower volume and more targeted.
"They're designed to fly under the radar so you need the protection on-premises or in the data center so that you can perform deep-packet inspection and see everything at the application layer. This is the best way to mitigate these kinds of attacks," says Sockrider.
“Organizations will need a web protection tool that can handle application layer DoS attacks,” adds Tyler Shields, VP of Strategy, Marketing & Partnerships at Signal Sciences. “Specifically, those that allow you to configure it to meet your business logic. Network based mitigations are no longer going to suffice,” he says.
Amir Jerbi, co-founder and CTO is Aqua Security, a container security company, explains how one of the steps you can take to protect against DDoS attacks is to add redundancy to an application by deploying it on multiple public cloud providers. “This will ensure that if your application or infrastructure provider is being attacked then you can easily scale out to the next cloud deployment,” he says.
The banking industry is collaborating a little when it comes to these attacks. Everything they reveal is carefully protected and shared strictly amongst themselves, but in a limited way, banks are doing a better job at collaborating than most industries.
"They're working among each other and with their telecommunication providers. And they're working directly with their service providers. They have to. They can't just work and succeed in isolation," says Lynn Price, IBM security strategist for the financial sector.
For example, when the financial services industry was targeted, they turned to the Financial Services Information Sharing and Analysis Center for support and to share information about threats. "In some of these information-sharing meetings, the [big] banks are very open when it comes to talking about the types of attacks underway and the solutions they put into place that proved effective. In that way, the large banks have at least been talking with each other," says Rich Bolstridge, chief strategist of financial services at Akamai Technologies.
The financial sector's strategy is one that could and should be adopted elsewhere, regardless of industry.
7. Watch out for secondary attacks
As costly as DDoS attacks can be, they may sometimes be little more than a distraction to provide cover for an even more nefarious attack.
"DDoS can be a diversion tactic for more serious attacks coming in from another direction. Banks need to be aware that they have to not only be monitoring for and defending the DDoS attack, but they also have to have an eye on the notion that the DDoS may only be one aspect of a multifaceted attack, perhaps to steal account or other sensitive information," Price says.
Sign up for Computerworld eNewsletters.