DDoS attacks are of varying lengths of time and can be identified by:
• Unusually slow network performance (opening files or accessing websites).
• Unavailability of a particular website or the inability to access any website.
To mitigate a DDoS attack:
• Enroll in a Denial-of-Service protection service that detects abnormal traffic flows and redirects traffic away from the network.
• Create a partnership with the local internet service provider (ISP) prior to an event and work with the ISP to control network traffic during an event.
• Create a disaster recovery plan to ensure successful and efficient communication, mitigation, and recovery in the event of an attack.
• During and after a DDoS attack, monitor other network assets for any additional anomalous or suspicious activity that could indicate a secondary attack.
https://www.ic3.gov/Media/News/2022/221104.pdf
