By Sven H Dummer & Sandeep Rath
In today’s hyperconnected world, distributed denial-of-service (DDoS) attacks are no longer rare incidents. Cybercriminals use increasingly sophisticated techniques to disrupt businesses, damage reputations, and compromise critical online services.
The stakes have never been higher. So, what should you do if you find yourself under attack? Let us start with first things first.
DDoS attacks occur when malicious actors flood a network with traffic, overwhelming its resources and rendering its services unavailable. These attacks are sometimes used for extortion; attackers demand a ransom to stop the flood of malicious traffic. In some cases, attackers use DDoS as a smokescreen to launch even more malicious activities, such as data breaches or malware deployments.
Although DDoS attacks have existed for years, they have recently grown in both size and complexity. Between 2021 and 2023, the number of large DDoS attacks increased by nearly 50%, and 2024 is on track to break this record yet again.
Today, DDoS-as-a-service offerings make it easier for any would-be attacker to deploy these disruptive assaults. Traditional mitigation techniques are no longer enough for many organisations to stop the deluge.
The 7 Steps to Mitigating a DDoS Attack
Here are seven key steps for responding to a DDoS attack and protecting your organisation against these growing threats.
#1 Assess your risk and current defences: Begin by evaluating your current DDoS mitigation capabilities. Are your existing defences sufficient to handle the size and scope of the attack? Engage your DDoS mitigation provider to assess the ongoing threat and respond quickly to any vulnerabilities.
#2 Review your critical IP spaces and subnets: Ensure that your most vital network resources, including critical subnets and IP spaces, are protected by mitigation controls. This will help to limit the areas of your infrastructure that the attack can compromise.
#3 Activate always-on DDoS security controls: Deploy always-on security controls as a first layer of defence. This proactive approach minimises the burden on incident responders and reduces the risk of emergency integration scenarios during a crisis.
#4 Implement an edge-based cloud firewall: Expand your defences beyond traditional DDoS protection by deploying an edge-based cloud firewall. This additional security layer helps block malicious traffic before it even reaches your network, reducing the load on your internal firewalls and systems.
#5 Protect your DNS infrastructure: Domain Name System (DNS) attacks are a common and highly effective method of disrupting services. Use a robust DNS solution to protect against DNS-focused attacks and deploy a dynamic proxy to safeguard on-premises or hybrid DNS infrastructures.
#6 Activate your incident response plan: Ensure that your incident response plan is up-to-date and activated. This plan should include a crisis response team with clearly defined roles, communication channels, and predefined strategies for mitigating the attack. A well-rehearsed playbook is key to maintaining calm and responding efficiently during a crisis.
#7 Extend your protection to application and API layers: Many DDoS attacks target applications and APIs, making it essential to secure these components.
Why the Human Element Matters
Modern DDoS attacks can easily (and often do) overwhelm DDoS defence technologies that rely solely on automated mitigation. Smart hackers probe such automated defence mechanisms to detect and abuse flaws and vulnerabilities. The evolution of DDoS threats is no longer about increasing attack volume and bandwidth; it is about the sophistication of the attack methods and the refinement of the tactics.
That is why combining platforms, people, and processes is critical. The human factor is essential for navigating complex, evolving attacks that automated systems alone might not fully address. DDoS attacks are growing in size and sophistication, and no organisation is immune. But with the right defence strategy, you can protect your network, services, and reputation.
Therefore, adopting platforms designed for complete flexibility, with the option to deploy always-on or on-demand protection and integrate easily with hybrid environments, ensures that your data centres, cloud infrastructure, and Internet-facing services are secure from even the most sophisticated threats.
The authors, Dummer, Global Director of Product Marketing, and Rath, Senior Product Marketing Executive, are both at Akamai.