"US Agencies Issue Guidance on Responding to DDoS Attacks"

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have recently released joint guidance for responding to distributed denial-of-service (DDoS) attacks.  CISA noted that DDoS attacks that produce high volumes of traffic are difficult to respond to and recover from.  Such attacks may lead to degradation of service, loss of productivity, extensive remediation costs, and reputational damage.  CISA stated that organizations should include steps to address these potential effects in their incident response and continuity of operations playbooks.  To mitigate the risk of a DDoS attack, CISA noted that organizations should be aware of all internet-facing assets and the vulnerabilities potentially impacting them.  Organizations should also identify how users connect to the corporate network, enroll in a DDoS protection service, ensure they understand existing defenses, and implement a DDoS response plan.  The guidance applies to federal agencies and private organizations alike and provides additional recommendations on how organizations can prepare for DDoS attacks and details the steps they should take when responding to an ongoing assault.

SecurityWeek reports: "US Agencies Issue Guidance on Responding to DDoS Attacks"