Mitigating DDoS Attacks on Fortune 500 Company

This case study details the response of a Fortune 500 company to a botnet-driven Distributed Denial of Service (DDoS) attack. The attack involved an unprecedented volume of HTTP requests, ranging from 3000 to 14000 times the normal traffic, utilizing approximately 8 million unique IP addresses over a 14-day period. The attack targeted non-existent or non-public URLs, complicating the identification of vulnerabilities. The company faced significant challenges, including service disruptions and increased bandwidth consumption. In response, a strategic solution was implemented, including updated rate-limiting rules, geo-fencing to block suspicious traffic, and URI blacklisting policies. These measures successfully mitigated the bot traffic, ensuring zero service disruptions for legitimate users and saving substantial bandwidth costs. The case study outlines the specific technical strategies employed to enhance the company's defenses against such attacks.