DDoS attacks are expected to number in the hundreds of thousands this year and cost companies billions of dollars in damages. To help organizations understand and protect against such attacks, cybersecurity thought leader Joseph Steinberg shared five top DDoS trends in an exclusive for CSO readers.
“From a high level, we have observed several significant trends related to defending against DDoS attacks,” says Steinberg, a top-ranked columnist covering cybersecurity for Inc. Magazine, TV commentator, expert witness, author, and an advisor to DDoS startup Gladius.
“There are, of course, also numerous other observable trends (such as about the geography of attack origination, the technologies utilized, etc.), but for those looking 'big picture,' here are some of the key factors that those defending against attacks should be aware of.”
Top 5 DDoS trends
- Internet of Things (IoT) devices (especially consumer IoT devices) are becoming a favorite zombie for attackers — these devices often utilize a lot of bandwidth and have poor built-in security. Sometimes the issue is poor password protection — as we witnessed with Mirai last year, and sometimes the problem is with vulnerabilities in the actual code running on the devices — as we now see the rapid growth of Reaper.
- Large-scale DDoS attacks continue to grow larger. There are fewer massive attacks, but when they happen, they are significantly larger than in the past. This trend is likely to continue, and the ease of compromising and commandeering many bandwidth-intensive IoT devices is only going to make this problem continue to worsen for the foreseeable future.
- Various DDoS protection firms are punishing customers who are victims of DDoS attacks. Sometimes the security companies pass through a significant charge for their having to incur the expense of absorbing large volumes of data, and sometimes they terminate customer accounts if a customer turns into a losing proposition.
- As it is for so many other purposes, the power of blockchain is being explored as a next-generation defense against DDoS attacks. By eliminating the middle man, blockchain promises to deliver greater efficiency at a lower cost and reduce the number of potential points of failure, thereby making it a potentially ideal mechanism for shielding against DDoS attacks.
- Whereas SYN Floods and other “simplistic” attacks used to be common, more complex attacks (for example, those leveraging application-level activities such as HTTPS) are increasingly frequent. This technological change is significant, as it means attacks may cause denial-of-service conditions to occur by overloading CPUs even when utilizing far less bandwidth than their more basic predecessors.
DDoS Diary
An excerpt from the latest DDoS Diary published by Cybersecurity Ventures lists noteworthy DDoS activity for CISOs and IT security teams to be aware of:
- A report from Nexusguard indicates an increasing percentage of recent DDoS attacks employed blended, multi-vector approaches. The research states that hackers continued to rely on volumetric attacks to overwhelm system resources.
- A drop off in previously lucrative businesses such as spam is forcing some cyber criminals into new revenue opportunities, including DDoS attacks.
- The U.S. Treasury Department levied sanctions against 11 individuals who have Iranian ties and are alleged to have taken part in DDoS attacks against U.S. banks.
- The public education system within the U.K. appears to be continually susceptible to DDoS attack even after last year’s attack that took down several education sites.
- Even though India is experiencing explosive economic growth, some within the security industry assert that a failure on India’s part to prevent massive cyber incidents, such as DDoS attacks, will hinder future economic growth.
- Fortinet releases a study stating that 90 percent of the systems that are attacked are victimized by 3-year-old exploits.
- According to a study conducted by Akamai, DDoS attacks are on the rise again. Of most significance was the rise of the PBoT attack — an attack vector that relies on relatively old PHP code.
- According to security firm Kaspersky Lab, DDoS as a means of extortion is on the rise.
- The Federal Communications Commission refuses to divulge its countermeasures when discussing DDoS attack prevention. It says revealing its countermeasures would jeopardize its operational security.
DDoS market
What does the growing attack activity mean for DDoS prevention firms?
One company, Gladius, a blockchain-based DDoS startup, plans an Initial Coin Offering (ICO) in November of this year. An ICO is a way of raising money used by blockchain-based companies: they sell their first tokens in exchange for other tokens — usually Bitcoin or Ethereum (ETH), according to Steinberg. They then cash out the other tokens.
Gladius estimates there have been 300,000 DDoS attacks this year, causing $150 billion in damages.
Max Niebylski, founder and CEO at Gladius, looks like he can be mistaken for Batman’s sidekick, Robin. Co-founders Alex Godwin and Marcelo McAndrew look even younger. But make no mistake — these are serious programmers, and they're the type of ambitious cyber fighters our industry needs to combat the legion of hackers-for-hire aiming DDoS attacks at organizations globally.
Steinberg is an advisor to Gladius, alongside other seasoned veterans who are lending their experience to the startup.
The DDoS space should expect to see interesting new market entrants in 2018.
Visit SteveOnCyber.com to read all of my blogs and articles covering cybersecurity.