The Cybersecurity and Infrastructure Security Agency, along with the FBI and the Multi-State Information Sharing and Analysis Center, has updated its guidance regarding distributed denial-of-service — or DDoSS — attacks which was originally released in 2022.
CISA said Thursday that the revised guidance, titled “Understanding and Responding to Distributed Denial-Of-Service Attacks,” now classifies DDoS attacks into three types: volumetric, protocol and application.
A volumetric DDoS attack seeks to overwhelm a target’s available bandwidth. A protocol attack takes advantage of the vulnerabilities of the target’s network protocols. An application attack targets specific applications or services being run by the target.
The revised guidance also comes with new visual aids and recommendations on how to defend against DDoS attacks based on type.
CISA and its partners called on relevant stakeholders to review the revised guidance to better prepare and defend against the threat of DDoS.
Cyber experts, government leaders and industry visionaries will speak about the dynamic and evolving role of cyber in the public sector at the Potomac Officers Club’s 2024 Cyber Summit, which will take place in June. Register now to attend this important event!