Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

CISA Releases Guidance on Adopting DDoS Mitigations

CISA has released new guidance to help federal agencies decide upon and prioritize DDoS mitigations based on mission and reputational impact.

The US Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help federal agencies adopt distributed denial-of-service (DDoS) mitigations.

DDoS attacks are a type of cyberattack in which threat actors flood a server or network with internet traffic, exhausting its resources and rendering the target inaccessible.

Meant to help federal agencies prevent “large-scale volumetric attacks against web services”, CISA’s new guidance (PDF) shares details on prioritizing DDoS mitigations depending on mission and reputational impact, and describes various DDoS mitigation services to help agencies make informed procurement decisions.

The guide, however, only focuses on DDoS attacks targeting websites and related web services, which are meant to deny user access to them.

According to CISA, before deciding which type of DDoS mitigation to adopt, federal agencies should make an inventory of agency-owned or -operated web services, and then analyze the impact a DDoS attack would have against those services.

For that, CISA proposes five categories of impact and encourages federal agencies to assign a score in each of them: impact on public transactions, impact on public access to information, impact on government and industry partnerships, impact on the agency’s day-to-day activities, and reputational impact.

Next, each agency should assess the importance, or weight, of each impact category, based on mission and risk tolerance.

“Agencies that depend on public perception for the successful execution of their mission may choose to give more weight to scores in the reputational impact category, whereas agencies that are reliant on partnership with scientific or academic organizations may choose to weight the government and industry partnerships category more heavily,” CISA explains.

Advertisement. Scroll to continue reading.

After calculating the impact score for each of their web services, federal agencies should create a ranked list of DDoS attacks and, based on that, prioritize the implementation of specific DDoS mitigations.

When considering the adoption of mitigations against DDoS attacks, federal agencies should look at content delivery networks (CDNs), internet service providers (ISPs) and upstream providers, and cloud service provider hosted services.

“CDN mitigations provide the highest degree of protections. Both ISP and CSP are sufficient if service providers can provide the proper compute and bandwidth resources. On-premises solutions are highly unlikely to provide sufficient compute and bandwidth due to its inability to scale; CDN solutions are highly advised,” CISA notes.

Related: MITRE and CISA Release Open Source Tool for OT Attack Emulation

Related: CISA Releases Cyber Defense Plan to Reduce RMM Software Risks

Related: CISA Unveils Cybersecurity Strategic Plan for Next 3 Years

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Coro, a provider of cybersecurity solutions for SMBs, has appointed Joe Sykora as CEO.

SonicWall has hired Rajnish Mishra as Senior Vice President and Chief Development Officer.

Kenna Security co-founder Ed Bellis has joined Empirical Security as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.