While the world experienced 2020 as a global health crisis, cybercriminals saw it as an opportunity—and they took full advantage. They have stepped up their efforts, launching a record number of distributed denial of service (DDoS) attacks and other cyber incursions at targets all around the world.
For the first time in history, the annual number of DDoS attacks monitored by the NETSCOUT ATLAS system crossed the 10 million threshold, with NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) observing 10,089,687 attacks over the course of the year. That’s nearly 1.6 million more attacks than 2019’s count of 8.5 million.
And, according to a recent report, 80 percent of enterprises have seen an increase in cyberattacks, with big jumps in cloud-based attacks, ransomware, etc., along with increased phishing activity and social engineering.
COVID-19 Has Exposed New Vulnerabilities
Cybercriminals have focused on the shifts associated with the pandemic. For example, the increase in remote work also increased the usage of VPN concentrators, exposing users usually protected by layered enterprise security solutions to a broader range of threats. The need for educational institutions at all levels to offer online learning has also led to expanded attention from cybercriminals.
When it comes to DDoS, we have seen an unprecedented number of shorter, faster, and more complex attacks. Moreover, the spread of targets has broadened, with more focus on gaming, healthcare, and e-commerce organizations, with attacks tuned for an immediate impact, with no ramp-up.
Today, complex attacks with 15-plus vectors are common. The latest NETSCOUT Threat Intelligence Report found that these attacks have increased by 2,851 percent since 2017—they are now one of the most potent weapons in the DDoS attack arsenal.
What’s Coming in 2021?
With all of this in mind, businesses, service providers, and individuals must maintain constant vigilance, especially given some of the following shifts we are seeing:
- Work-from-home has changed the game. As organizations have adopted to increased remote work, many have upgraded technology such as VPN concentrators and unified communication and collaboration solutions, as we’d expect. What’s clear, however, is that attackers have taken advantage by targeting that now suddenly vital infrastructure and exploiting the reduction in layered security and policy controls as users move outside of the secured office network.
- Investment in the ‘ISP edge’ increases security challenges. In many cases, ISP investment is now focused around capacity and service infrastructure being deployed at the network edge. Centralized deployments of things such as value-added service infrastructure, caching infrastructure, and DDoS mitigation infrastructure have become less desirable. This increased distribution of service infrastructure to the network edge is driving a need to mitigate DDoS attacks “at the edge,” quickly blocking attack traffic at its entry point—regardless of whether it is coming from a peer, a customer, or a public cloud connection—before it has a chance to cause any level of impact. This requires a new level of network defense orchestration, leveraging both intelligent and infrastructure capabilities.
- Online gaming drives even more DDoS attacks. Gaming is poised for its next evolution, with cloud gaming and 5G enabling a raft of new services, but, these will succeed only if the industry can guarantee consistent performance and availability. Unfortunately, an increasing number of gamers are now feeling the impact of easy-to-use and powerful online tools that can launch DDoS attacks that can affect an entire game, or a single user’s experience of it. Defending end users and small to midsized businesses from these kinds of attacks using high-scale, high-automation, low-cost ISP or cloud-delivered services is a growing area of discussion.
- Next-gen mobile services are driving a step-change in visibility and security requirements around mobile communications. Next-gen mobile services for enterprise and IoT applications have both implicit and explicit security requirements. Mobile network operators are looking at how they can extend their visibility and security capabilities to defend against threats, to ensure that these services are a success for everyone involved.
What’s interesting, looking at the list above, is that there is something for everyone. Whether you are an ISP, a mobile operator, an enterprise, or a consumer, there have been shifts during the last year that should make you sit up and take a look at the security of the services and infrastructure you rely on.
Read the White Paper: Defend Your Network at Scale with Smart Protection.
- Threat Intelligence