Anatomy of a DDoS AttackCloudFlare's Trey Guinn on Choosing the Right Mitigation Strategy
For years, organizations have been threatened by DDoS attacks on several fronts, ranging from volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks. Trey Guinn of CloudFlare discusses how to respond to each type of attack.
Ransom-based attacks are in the spotlight now, but Guinn - head of solution engineering at CloudFlare - has discovered an interesting disconnect.
"There are more attackers sending out ransom notes than are actually doing attacks," Guinn says. "We have seen many of these ransom notes go out, but it's clear in how [the attackers] receive payment that they have no way to determine who actually has paid the ransom. There is no expectation that there is ... going to be an attack."
The message to security leaders, then, is crystal clear, he says: "Never pay the ransom."
In a discussion about matching DDoS defenses to DDoS attacks, Guinn talks about:
- Types of DDoS attacks most predominant today;
- How mitigation techniques must match the types of attacks;
- How to respond specifically to ransom-based attacks.
Guinn leads the enterprise solution engineering group at CloudFlare, where he works with large customers to help them manage their network edge. His work focuses on TLS, DDoS mitigation, web application firewalls, HTTP and DNS.
He has worked in internet application delivery for over 15 years in small and large companies in several countries - from multinationals like KPMG to one room startups. Security is a continual focus of his career (as it should be for every engineer) with work ranging from network security to identity management.