Blockchain startup: 300,000 DDoS attacks will cause $150B in damages this year

Distributed denial of service (DDoS) attacks are growing in frequency, size and sophistication.

Blockchain startup: 300,000 DDoS attacks will cause $150B in damages
Thinkstock

DDoS attacks are expected to number in the hundreds of thousands this year and cost companies billions of dollars in damages. To help organizations understand and protect against such attacks, cybersecurity thought leader Joseph Steinberg shared five top DDoS trends in an exclusive for CSO readers.

“From a high level, we have observed several significant trends related to defending against DDoS attacks,” says Steinberg, a top-ranked columnist covering cybersecurity for Inc. Magazine, TV commentator, expert witness, author, and an advisor to DDoS startup Gladius.

“There are, of course, also numerous other observable trends – such as about the geography of attack origination, the technologies utilizes, etc.), but for those looking 'big picture,' here are some of the key factors that those defending against attacks should be aware.”

Top 5 DDoS trends

  1. Internet of Things (IoT) devices (especially consumer IoT devices) are becoming a favorite zombie for attackers — these devices often utilize a lot of bandwidth and have poor built-in security. Sometime the issue is poor password protection — as we witnessed with Mirai last year, and sometimes the problem is with vulnerabilities in the actual code running on the devices — as we now see the rapid growth of Reaper.
  2. Large-scale DDoS attacks continue to grow larger. There are fewer massive attacks, but when they happen, they are significantly larger than in the past. This trend is likely to continue, and the ease of compromising and commandeering many bandwidth-intensive IoT devices is only going to make this problem continue to worsen for the foreseeable future.
  3. Various DDoS protection firms are punishing customers who are victims of DDoS attacks. Sometimes the security companies pass through a significant charge for their having to incur the expense of absorbing large volumes of data, and sometimes they terminate customer accounts if a customer turns into a losing proposition.
  4. As it is for so many other purposes, the power of blockchain is being explored as a next-generation defense against DDoS attacks. By eliminating the middle man, blockchain promises to deliver greater efficiency at a lower cost and reduce the number of potential points of failure, thereby making it a potentially ideal mechanism for shielding against DDoS attacks.
  5. Whereas SYN Floods and other “simplistic” attacks used to be common, more complex attacks (for example, those leveraging application-level activities such as HTTPS) are increasingly frequent. This technological change is significant, as it means attacks may cause denial-of-service conditions to occur by overloading CPUs even when utilizing far less bandwidth than their more basic predecessors.

DDoS Diary

An excerpt from the latest DDoS Diary published by Cybersecurity Ventures lists noteworthy DDoS activity for CISOs and IT security teams to be aware of:

DDoS market

What does the growing attack activity mean for DDoS prevention firms?

One company, Gladius, a blockchain-based DDoS startup, plans an Initial Coin Offering (ICO) in November of this year. An ICO is a way to raise money that blockchain-based companies use to they sell their first tokens in exchange for other tokens — usually Bitcoin or Ethereum (ETH), according to Steinberg. They then cash out the other tokens.

Gladius estimates there have been 300,000 DDoS attacks this year, causing $150 billion in damages.

Max Niebylski, founder and CEO at Gladius, looks like he can be mistaken for Batman’s sidekick, Robin. Co-founders Alex Godwin and Marcelo McAndrew look even younger. But make no mistake — these are serious programmers, and they're the type of ambitious cyber fighters our industry needs to combat the legion of hackers-for-hire aiming DDoS attacks at organizations globally.

Steinberg is an advisor to Gladius, alongside other seasoned veterans who are lending their experience to the startup.

The DDoS space should expect to see interesting new market entrants in 2018.

Visit SteveOnCyber.com to read all of my blogs and articles covering cybersecurity.

Follow me on Twitter @CybersecuritySF, or connect with me on LinkedIn. Send story tips, feedback and suggestions to me here.

SUBSCRIBE! Get the best of CSO delivered to your email inbox.