How to defend against Account Takeovers
Learn about account takeover threats, protection strategies, and detection methods to secure your digital accounts and prevent unauthorised access.
DDoS stands for Distributed Denial of Service. It's a type of cyber attack designed to make online services, networks, or resources unavailable by overwhelming them with excessive internet traffic.
A DDoS attack inundates a targeted server, network, or service with a flood of internet traffic. Unlike a simple DoS (Denial of Service) attack, which comes from a single source, a DDoS attack involves multiple compromised computers that serve as attack platforms.
Primary categories of DDoS attacks
- Volumetric Attacks: These attacks overwhelm a network by consuming its bandwidth with large volumes of data.
- Protocol Attacks: These target network infrastructure, exploiting weaknesses in network protocols.
- Application-layer Attacks: These focus on specific aspects of an application, such as a web page or database, usually operating at Layer 7 of the OSI model.
Detection and mitigation
Traditional security measures like firewalls and intrusion detection systems often fall short because they aren't designed to handle the high volumes of traffic characteristic of DDoS attacks.
A multi-layered, defence-in-depth approach works best.
Specialised DDoS mitigation techniques include rate limiting, caching, load balancing, traffic analysis, and challenge-response tests.
Organizations commonly use both local and cloud-based solutions for comprehensive protection.
Related Articles
What is an Account Takeover?
An overview of Account Takeover Attacks
Anatomy of a Credential Stuffing Attack
A step-by-step breakdown of how credential stuffing attacks are carried out, from obtaining stolen credentials to bypassing defenses and taking over accounts.
What is Anycast DNS?
An introduction to Anycast DNS
What is an Apex Domain?
A quick description about what an Apex Domain is.
Best Practices for API Key Management and Rotation
Learn the essential best practices for managing and rotating API keys to enhance security, prevent unauthorized access, and minimize the impact of key compromise.