As we finally draw a line under a year that never seemed like it was going to end, we take time to reflect on the past 12 months and look forwards into the new year. Corero’s goal is to always to make the next year safer than the last when it comes to DDoS protection. Unfortunately, we can’t see into the future although, if we could, we might have all been better prepared for the unprecedented global crisis in 2020, and the largest known cyber espionage breach, that still has unknown ramifications for the US federal government, other western democracies, and thousands of major companies. It has been a challenging year in cybersecurity, to say the least. Through it all, Internet usage continues to evolve and grow. What does all this mean in terms of the future frequency and variety of? Continue reading…distributed denial of service (DDoS) attack
Remote working trend continues
Remote working for students and professionals alike has become the norm, and it’s not difficult to see that trend continuing long into 2021. However, this has been a real forcing function, and the prediction is that this will never revert to anywhere close to pre-2020 levels. Even medical doctors have been moved to use technology more frequently, because it is safer to see patients online, than in the consulting room. Telecommuting was an option for many employees prior to the pandemic, but since it became mandatory for so many, they have now experienced the benefits and may be reluctant to regularly commute to an office ever again, even after the pandemic restrictions are lifted.
Industries at risk of DDoS attacks
The truth is that every organization operating a website or online business service is a target for DDoS attacks. Now that so many organizations are utterly dependent on their Internet-facing services, DDoS protection should be part of every cybersecurity agenda. Of course, some organizations have higher stakes, and therefore may be a more tantalizing targets for threat actors. For example, 2020 witnessed several DDoS attacks on public school online learning systems, which disrupted online learning at a time when it was more crucial than ever. Threat actors seldom operate by a moral compass, so organizations that rely heavily on the Internet to meet the needs of their customers should ask themselves, “what is the worst-case scenario, if our operations were incapacitated by a DDoS attack?”
IT staff will juggle even more responsibility and threats
The switch to remote working and education has put a strain on many IT staff, as they strive to ensure that VPNs and mobile devices are secure. Organizations are dealing with the still-unknown implications of the Russian cyber espionage incident and were already struggling for the past few years from a severe shortage of cybersecurity professionals. With concerns about breaches, cybersecurity professionals from CISOs to analysts will be extra busy making sure that their systems have not been compromised.
Cybercriminals will be quick to take advantage of overtaxed security analysts who may be too busy putting out one fire to notice another attack or breach is already underway. DDoS attacks are the low-hanging fruit for cybercriminals; they are relatively simple to execute, even by those with limited coding skills. And, for those who want to outsource their efforts completely, there are many threat actors offering inexpensive DDoS-for-hire services.
Changes ahead for ISPs
With so many communications forced online, rather than in person, Service Providers must provision enough bandwidth for business and residential customers to support the increase in online activities such as video conferencing and entertainment services. Furthermore, the increase in users results in greater demand for customer support. ISPs are already under pressure to abide by their Service Level Agreements (SLAs), but given that so many institutions rely on Internet connectivity to conduct business, they will likely face increasing pressure from government and customers to meet those uptime commitments.
5G solves one problem but creates others
The continuing rollout of 5G wireless services promise lower latency, increased bandwidth, and faster download speeds for end-users, but it also expands the attack surface, which increases the risk of malware, security breaches and DDoS attacks. 5G enables a greater number of internet of things (IoT) devices, many of which have security issues, including default passwords, that make it easier for threat actors to harness them into harmful botnets. Furthermore, 5G-enabled wireless devices pack more power, which means that DDoS attackers won’t need to harness as many into their botnets to do the same, or greater, amount of damage. This not only enables larger volumetric attacks, some of which are already in the terabits per second range, but it also enables the delivery of larger numbers of short, sub-saturating, attacks. ISP networks have increased exponentially in scale and complexity, while DDoS attacks have increased in frequency and sophistication. To maintain business continuity, , Service Providers must now prevent DDoS traffic from disrupting their own network-based service offerings, as well as those of their customers.
The evolution of DDoS
DDoS attacks increasingly use multiple vectors, making it virtually impossible for human security analysts to detect and mitigate them effectively. We anticipate that multi-vector attacks will continue to increase, with threat actors using greater numbers and types of vectors. Terabit-sized volumetric attacks will become more common; however, we predict that the trend will continue for the vast majority of DDoS attacks to be short in duration, and sub-saturating in size, in order to evade the protection of legacy DDoS solutions and human security analysts.
What will 2021 bring?
Will 2021 be a better year, overall? One would hope and think so, given how challenging 2020 has been. However, what will the 2021 threat landscape bring, more of the same? Unfortunately, cyber criminals continue to be very successful with phishing campaigns, ransomware, malware, and DDoS attacks, so consider your organization at increasing risk. Cybersecurity professionals have plenty to worry about, and so much depends on human factors, such as cyber hygiene and best practices for employees. If there is one piece of good news, it is that automatic, real-time, DDoS attack mitigation solutions are available to “fight fire with fire”. So, as cybersecurity professionals assess their defenses, DDoS protection should be high on the list.
For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s diverse deployment models, click here. If you’d like to learn more, please contact us.