(Section 1) What is the best way to respond to an Anti-DDoS attack?

Hello, I'm security defender PR.
DDoS attacks seem to have decreased a lot recently.
'After the 17-year Armada Collective financial DDoS attack, DDoS attacks often come in, but they're not being reported in the media, and DDoS attacks are ongoing.

'In 2017, I provided technical support for Anti-DDoS equipment in KT's Clean Zone service and was busy expanding DDoS equipment capacity.

The manufacturer and model name cannot be mentioned, but it is certain that the situation was in a state of emergency due to the threat of a full-fledged attack unless bitcoin was released to the bank (Suhyup, Daegu Bank, Jeonbuk Bank, etc.) where the actual attack occurred.

 

Based on our experience at the time, we will post a post about how defending is most effective in the event of a DDoS attack.

 

1.Never cooperate with the hacker's requirements.
Hackers use every means to contact their administrators.
Mail, blogs, social networking sites, messengers, and even bulletin boards on their homepages say they are some kind of vicious human being and that they will be harmed if they don't give money (bitcoin).
Or, "I am the one who defends the attack, and I will defend you if you pay me a certain amount of money."
In this case, you should never pay for it!!!
If you pay a small amount of money, you're registered as a target, and you're constantly demanding more and more, and the capacity and methods of your attacks vary.

2. Is it possible to defend with DDoS equipment?
Yes, but you can't defend against attacks that exceed your Internet bandwidth.
Initial DDoS attacks do not come in 10G, 20G, or 100G.
Hackers go through the process of determining the extent to which they are defenseless against DDoS attacks against the affected sites. Network SCAN sends back various DDoS attack patterns, anticipating security equipment (Anti-DDoS, IPS, etc.) and preemptively attacking vulnerable sites.
If there is a DDoS device that the client company has introduced, it can be fully protected by prevention alone.

 

3. ISP (Communicator) DDoS Defense Service Perfect?
We provide DDoS defense services to all ISP operators such as KT, SKT, and LG U+ in Korea.
It depends on the capacity you are defending, and you cannot use services from other carriers depending on which Internet you use.
Service configurations provide only monitoring of normal traffic; in the event of a DDoS attack, all traffic is bypassed to the DDoS Zone to block DDoS attack traffic and to utilize (filtering) the usual learned physical traffic.

Advantages: Massive traffic protection compared to stand-alone equipment, 24-hour monitoring, no initial investment required
Disadvantages: Using shared equipment, detailed tuning is required

 

Anti-DDoS attacks are evolving.
I think you know the meaning of the DDoS attack too well. The answer to distributed denial-of-service attacks is to distribute services to increase availability as the answer to those attacks where distributed traffic concentrates on one place and services are down.
Essential security equipment + DDoS defense services are important, but you need a way to minimize the impact of DDoS attack traffic that is concentrated in one place through service redundancy & DR (disaster recovery) configurations over the cloud.