What DDoS Attacks Do
DDoS attacks aim to disrupt online services by flooding them with traffic from multiple compromised systems. These systems, often forming a botnet, overwhelm the target's network or application resources, preventing legitimate users from accessing the service. Attacks can target various layers, including network infrastructure (L3-4 volumetric attacks) and application logic (L7 attacks). Understanding these layers is crucial for effective mitigation. Common mitigation techniques include rate limiting, traffic scrubbing, and using anycast networks to distribute traffic across multiple geographic locations.
DDoS Protection in Australian Tenants
For Australian mid-market organisations, particularly those in regulated sectors like financial services, maintaining service availability is paramount. APRA CPS 234 mandates robust business continuity and resilience controls, which include protection against denial-of-service attacks. Azure DDoS Protection offers Basic (always-on) and Standard/Network/IP tiers, with Standard providing advanced threat intelligence and mitigation. Azure Front Door provides additional protection at the application layer. Organisations should carefully evaluate their risk profile and APRA CPS 230 obligations when selecting a DDoS protection solution, ensuring it aligns with their availability requirements and incident response capabilities.