New federal DDoS attack response guidance issued

Federal agencies and private entities have been advised in a new joint guidance from the Cybersecurity and Infrastructure Security Agency, Multi-State Information Sharing and Analysis Center, and the FBI to include distributed denial-of-service attack response in their incident response and operations continuity playbooks, reports SecurityWeek. In addition to adopting a DDoS response plan, the CISA, MS-ISAC, and FBI recommended that organizations ensure awareness of internet-facing assets and their potential vulnerabilities, determine users' corporate network access, seek a DDoS protection service, and understand their current defense mechanisms. Adherence to such recommendations is crucial amid the growing use of DDoS attacks to facilitate the deployment of malware and exfiltration of data. "In a progressively interconnected world with additional post-pandemic remote connectivity requirements, maintaining the availability of business-essential external-facing resources can be challenging for even the most mature IT and incident response teams. It is impossible to completely avoid becoming a target of a DDoS attack," said the agencies.