Mat Gangwer, security operations lead at Rook Security, agreed that mitigation is difficult. "In normal cases we can go to our edge and block that attacker, but when we get into DDoS or reflective, there are thousands and thousands of hosts. It’s a management nightmare," Gangwer said.
Tracing back to the attacker poses another problem that is closely tied to the ease of DDoS attacks. "The problem that everyone is going to run into," said Gangwer, "is that it's so hard to tie that attack back to a specific individual or country. It is almost impossible because the bots they are using are all over the globe."
Sometimes, the only way a target can respond to an attack is to wait it out. If the goal is to make a political statement, riding the wave of downtime might be the only option.
Sign up for Computerworld eNewsletters.