Terabit-Scale Multi-Vector DDoS Attacks to Become the New Normal in 2017, Predict DDoS Experts
December 07 2016 - 6:00AM
Business Wire
Recent Mirai botnet foreshadows DDoS threats
growing in size, scale and complexity in the coming year;
businesses and governments to take heed due to increasing
vulnerabilities in IoT Infrastructure
Large terabit-scale DDoS attacks will continue to wreak havoc
and become a regular occurrence in 2017 unless Internet Service
Providers harden their DDoS defenses, according to 2017 predictions
from Corero Network Security (LSE: CNS), a leading provider of
real-time security solutions against DDoS attacks.
With 2016’s rear-view mirror showcasing significant, new
high-volume attacks, Corero’s threat predictions for 2017
include:
- Terabit-scale attacks to become the new
norm, impacting ISPs and the Internet backbone itself
- Novel zero-day reflection and
amplification attacks will appear with more frequency, enabling
more sophisticated and targeted attacks
- DDoS attacks will become a top security
priority, with increased disruption to businesses and government
due to rising threat levels
The Mirai botnet, which was responsible for a string of attacks
in recent months including the DDoS attack against DNS provider Dyn
in October, will continue to evolve as hackers take advantage of
the billions of poorly-secured, Internet-connected devices
currently in use worldwide. In terms of its size, the Mirai botnet
is currently believed to have a population of around 300,000
Internet-connected devices, but its population could increase
significantly if hackers amend the source code to include root
credentials for other types of vulnerable devices.
Corero predicts that the Mirai botnet will also become more
complex in 2017, as hackers evolve and adapt the original package,
equipping it with new methods of launching DDoS attacks. Mirai is
currently believed to contain around ten different DDoS attack
techniques – or vectors – which can be utilized by hackers to
leverage an attack. Corero believes this will increase during 2017
as attackers develop new methods, and then make them open source
and available for anyone to leverage.
“While the Mirai botnet is certainly fearsome in terms of its
size, its capacity to wreak havoc is also dictated by the various
attack vectors it employs. If a variety of new and complex
techniques were added to its arsenal next year, we may see a
substantial escalation in the already dangerous DDoS landscape,
with the potential for frequent, Terabit-scale DDoS events which
significantly disrupt our Internet availability,” said Dave Larson,
CTO and COO at Corero Network Security.
“While the motivations for such attacks are endless, the range
of potential political and economic fallouts from such attacks
could be far-reaching. Our entire digital economy depends upon
access to the Internet, and so organizations should think carefully
about business continuity in the wake of such events. For example,
it may be prudent to have back-up telephone systems in place to
communicate with customers, rather than relying solely on VOIP
systems, which could also be taken down in the event of an
attack.”
As an example of the pace of change in the DDoS landscape, the
Corero Security Operations Centre recently warned of an extremely
powerful new zero-day DDoS attack vector which utilizes the
Lightweight Directory Access Protocol (LDAP), and has the potential
to amplify attacks by as much as 55x.
“Certainly the Internet community needs to prepare for potent
attack vectors like this to be added to botnets like Mirai. The
combination of zero-day DDoS vectors, Mirai delivery mechanisms and
attacker ingenuity would seem to indicate that Terabit-scale
attacks could occur more frequently next year and internet
availability in states, major geographic regions or even countries
could be impacted significantly,” said Larson. “Individual DDoS
attacks tend to cost large enterprises $444,000 per incident in
lost business and IT spending, so the combined economic impact from
an entire region being affected would be extremely damaging.1”
Action by ISPs
While much of the focus in the wake of recent IoT-related DDoS
attacks was put on encouraging manufacturers to install proper
security controls on internet-connected devices before they are
issued, ISPs also have an important role to play in reducing the
number of future DDoS attacks.
At a local level, ISPs could significantly reduce the overall
volume of DDoS attacks across their networks by employing systems
to detect and remediate infected bots that are used to launch DDoS
attacks. Further, best practices exist and can be leveraged to
utilize ingress filtering to remove the problem of spoofed IP
addresses that are widely used in reflection DDoS attacks. This
simple improvement to service provider hygiene would be a great
initial step at reducing the overall volume of DDoS traffic.
Dave Larson explains: “ISPs will find themselves at an important
crossroads next year. By working together with governments and the
international community, ISPs can strengthen the underpinning
infrastructure of the Internet and significantly reduce the volume
of malicious traffic flowing across their networks.
“These methods aren’t a quick fix, and they certainly can’t
protect against the full spectrum of DDoS attacks, but they would
be a vital first step in speeding up our global response to
attacks. I’m hopeful that the future of volumetric DDoS attacks in
two or three years’ time will be significantly reduced by the
combined efforts of ISPs, device manufacturers, security vendors
and even government entities. As this community rallies together to
better protect the integrity of the Internet we may see ourselves
in a very different place down the line.”
About Corero Network Security
Corero Network Security is the leader in real-time,
high-performance DDoS defense solutions. Service providers, hosting
providers and online enterprises rely on Corero’s award winning
technology to eliminate the DDoS threat to their environment
through automatic attack detection and mitigation, coupled with
complete network visibility, analytics and reporting. This
next-generation technology provides a First Line of Defense®
against DDoS attacks in the most complex environments while
enabling a more cost effective economic model than previously
available. For more information, visit www.corero.com.
1 Kaspersky DDoS Report, 2014
https://media.kaspersky.com/en/B2B-International-2014-Survey-DDoS-Summary-Report.pdf
View source
version on businesswire.com: http://www.businesswire.com/news/home/20161207005133/en/
Elevate CommunicationsJohn Gates, 617-861-3651 (o)617-548-8972
(m)Jgates@elevatecom.com
Corero Network Security (LSE:CNS)
Historical Stock Chart
From Apr 2024 to May 2024
Corero Network Security (LSE:CNS)
Historical Stock Chart
From May 2023 to May 2024