PUBLICATION

Understanding and Responding to Distributed Denial-Of-Service Attacks

Publish Date

March 21, 2024

Related topics:

Critical Infrastructure Security and Resilience, Cybersecurity Best Practices, Incident Detection, Response, and Prevention

This joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, addresses the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques:

Volumetric, attacks aiming to consume available bandwidth.
Protocol, attacks which exploit vulnerabilities in network protocols.
Application, attacks targeting vulnerabilities in specific applications or running services.

CISA, FBI, and MS-ISAC urge network defenders and leaders of critical infrastructure organizations to read the guidance provided to defend against this threat. For more actionable recommendations, best practices, and operational insights designed to address common challenges, visit CISA’s Capacity Enhancement Guides for Federal Agencies page.

Understanding and Responding to Distributed Denial-of-Service Attacks_508c (PDF, 1.03 MB )

Understanding and Responding to Distributed Denial-Of-Service Attacks

Tags

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders

Cybersecurity Advisory Committee (CSAC) Reports and Recommendations

Identifying and Mitigating Living Off the Land Techniques

Understanding and Responding to Distributed Denial-Of-Service Attacks

Tags

Related Resources

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders

Cybersecurity Advisory Committee (CSAC) Reports and Recommendations

Identifying and Mitigating Living Off the Land Techniques