With growing virtual attack surfaces, preventive protection solutions help avoid damage from DDoS attacks or bad bots, says Thomas Wagner of Myra Security. As part of the Internet Security Days (ISD) 2023, he talks about DDoS emergency onboarding.
Mr Wagner, DDoS attacks carry enormous potential for damage. Why is that?
In recent years, DDoS attacks have massively increased in number and strength. Criminals can book attacks as a service on the darknet. This further exacerbates the situation, given that no technical expertise is thus needed to carry out attacks. At the same time, more and more services are being digitalised and offered online as a service. The virtual attack surface is growing more and more as a result.
Once an attack is underway, what can I still do?
In the acute case of an attack, protection service providers can use emergency shutdowns to turn the traffic towards themselves and to filter the harmful data packets. This process can prevent further breakdown damages. Without dedicated protection systems, however, those affected can only wait until the attacker stops the attack. This often results in considerable financial damage as well as long-term losses of reputation and trust.
How should one prepare to limit damage?
Business-critical websites, portals, APIs and web infrastructures must be preventively equipped with dedicated protection solutions. These include automated DDoS protection at application and infrastructure level, a web application firewall (WAF) and bot management. This is the only way to avoid damage from DDoS attacks or bad bots.
Mr Wagner, thank you very much for the interview!
Thomas Wagner, Solutions Engineer at Myra Security GmbH, will be speaking at ISD 2023 on “DDoS Emergency Onboarding: What to do when a fire breaks out”. Register now and take part.