From the course: The Cybersecurity Threat Landscape

Protect against botnets and DDoS threats

- [Instructor] Although botnets and distributed denial of service, or DDoS, attacks may be growing threats on the cybersecurity threat landscape, there are effective ways to minimize your exposure to them. In this video, I'll cover how to protect against botnet and DDoS attacks and how to keep your systems from becoming part of a botnet.

We'll start by talking about five ways to protect your websites and online applications from DDoS attacks. First, you absolutely must have either firewalls or web application firewalls, or WAFs for short, in front of your websites. Firewalls and WAFs can be used to detect and block unwanted and abnormal traffic. They can also be used to control or throttle the traffic that reaches your applications. Firewalls and WAFs, though, can still be overwhelmed by DDoS attacks.

The second way you can protect against DDoS attacks is by using load balancers or content delivery networks, or CDNs for short. Load balancers and CDNs can share the traffic load across servers in different locations, which waters down the DDoS attack.

Third, consider using DDoS defense systems or service providers that specialize in protecting organizations from these attacks. Cloudflare, for instance, provides a service that can absorb DDoS traffic and route only legitimate traffic to your web servers.

Next, a good network monitoring system will detect unusual internet traffic, like a DDoS attack, once it starts. Notifications from a network monitoring system will give you an early warning about the attack, so you can respond quickly.

And finally, develop a denial of service response plan. Define who will be on the response team in the event of a DDoS attack, and write down the procedures that must be followed in the event of an attack.

When you have these protections in place, you can hire a qualified third-party firm to conduct a DDoS test. There are many security companies that specialize in pretend DDoS attacks, load tests, and other external threat simulations. They can help identify system misconfigurations, network bottlenecks, poor incident response, and more.

Now let's talk about how to keep your systems from joining a botnet. Since the primary way systems are taken over and added to botnets is through the use of malware, the best way to protect your systems is by using effective anti-malware. Make sure you're using the latest version with the most current malware definitions.

Next, you should monitor your system processes, investigating any that look unusual or take excessive CPU or memory. These can be signs that your system is part of a botnet.

And of course, follow good enterprise security practices. Example practices include: make sure all your devices have strong passwords; keep software, firmware, and applications updated and patched; implement anti-spam controls on your email server; use web filtering to block access to sites that commonly host malware; and conduct regular user security awareness training and phishing training. These may seem like basic security tasks, but they'll go a long way toward protecting your systems from becoming part of a botnet.

Botnets and DDoS attacks are getting bigger and more common. And like an arms race, their attack methods are getting more creative and evolving to overcome existing defense measures. Take the steps I covered in this video to protect your organization's data from botnet and DDoS threats.
