Today, CISA, the FBI, and MS-ISAC released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, which addresses the specific needs and challenges faced by organizations in defending against DDoS attacks. The updated guidance now includes detailed insight into three different types of DDoS techniques:

• Volumetric – volume-based attacks that aim to consume available bandwidth or system resources of the target by overwhelming it with a massive volume of traffic.
• Protocol – attacks which exploit vulnerabilities in network protocols or services to disrupt the target. By focusing on weak protocol implementations, the malicious actor can degrade the target’s performance or cause it to malfunction.
• Application – attacks targeting vulnerabilities in specific applications or services running on the target system. Instead of overwhelming the network or system resources, these application layer attacks exploit weaknesses in the targeted application, consuming its processing power or causing it to malfunction.

WaterISAC joins CISA and partners in urging network defenders and leaders of critical infrastructure organizations to read the guidance provided to defend against this threat. Access the full guide here.

For more actionable recommendations, best practices, and operational insights designed to address common challenges, visit CISA’s Capacity Enhancement Guides for Federal Agencies page.