Guest OpEd by MJ Shoer, SVP, Executive Director at CompTIA ISAO
A DDoS attack is a malicious attempt to sabotage someone’s online business.
It occurs when a botnet, which is a network of hijacked devices, sends an abundance of requests to a server in order to take it down.
Disruption, as well as loss of revenue and the trust of clients and partners are enough to cripple any business.
However, they are also usually accompanied by ransom demands, data theft, and other, more devastating misdeeds.
A DDoS attack is a versatile and therefore popular weapon among hackers today. As technology rapidly evolves, so do DDoS attacks, thus becoming faster and more substantial each year.
For example, now they don’t require any technical skills or even a thick wallet, so essentially anyone can selfishly use them for personal gain.
What else does the future of DDoS attacks have in store for us?
DDoS Attacks Are Becoming More Frequent
2020 has seen a major rise in DDoS attacks, which can be attributed to the global pandemic, among other things.
As people all over the world had to transfer their lives to the Internet, hackers didn’t hesitate to take this opportunity to wreak havoc and make some money on the side.
According to Cloudflare’s reports, Q3 saw a major rise in DDoS numbers.
While that wasn’t the case with Q4, which actually brought about a decrease in total attack numbers, other concerning trends have emerged.
For instance, extortion and ransom DDoS attacks are becoming increasingly popular and this most likely won’t change any time soon.
Be that as it may, we can expect DDoS attack numbers to rise again.
After all, each new IoT device presents a new potential bot that a hacker can take advantage of to expand their already vast botnet.
In 2019, there have been 7.6 billion active devices. Predictions say this figure is about to rise to a whopping 24.1 billion by 2030.
How 5G and AI Are Transforming DDoS Attacks
As we mentioned, DDoS attacks have evolved to be accessible to everyone.
What’s more, they’re more sophisticated now than they’ve ever been.
That’s all thanks to the most recent technological advancements, such as AI, 5G, Wi-Fi 6, etc.
AI and machine learning can help hackers locate weak passwords and automatically spread malware. In other words, they can now expand their botnets in a short amount of time and without much effort.
DDoS attacks today are no longer static, but rather dynamic and thus more difficult to detect and stop than ever.
In addition, the advent of 5G will bring about more reliable, low latency communication, superfast broadband, etc.
Unfortunately, hackers will most likely reap these benefits to execute more efficient DDoS attacks.
We Can Expect DDoS Attacks to Become Even More Devastating
Aside from becoming more frequent, faster, and smarter, DDoS attacks will cause more disruption than ever.
Recently, we’ve seen advancements in DDoS amplification techniques.
One of such is DNS amplification, which allows the hacker to send small queries and magnify them, turning them into large responses that generate loads of traffic.
More and more attacks are using this method and it seems they will continue to do so in the future, at least until something better pops up.
Up until recently, fast attacks were all the rage, but it seems as though the situation is changing.
The previously mentioned Cloudflare cybersecurity report for Q4 shows us that large, i.e., long and exhausting attacks are on the rise.
In 2020, we saw the most massive DDoS attack ever publicly disclosed.
Amazon Web Services claim it measured 2.3 Tbps.
(In February, Amazon Web Services reported that it had to defend against a DDoS attack with peak traffic of 2.3 Tbps, the largest attack ever recorded. The attack was successfully mitigated by AWS Shield, an Amazon service that protects the cloud computing platform from DDoS attacks, bad bots, and vulnerabilities. In this Technado mini clip, the guys discuss their thoughts on the attack, how it might have happened, and how Amazon responded. Courtesy of ITProTV and YouTube.)
The previous record-holder was GitHub, which experienced an attack of 1.3 Tbps only a year prior.
Thus, we have reason to believe that DDoS attacks in the future will significantly grow in size.
DDoS Protection Needs to Adapt to Ongoing Changes
In order to deal with the ever-growing DDoS attacks, we need to catch up to the sly hackers, who are always coming up with new ways to improve.
In order to do that, we need to pay more attention to this issue and conduct more research.
First of all, we need more effective DDoS response strategies.
As the traffic comes from a great number of devices, it’s hard to detect which node is the source of the problem. Therefore, it can take hours just to identify an attack.
Furthermore, nobody’s safe, so all companies should be cautious, regardless of their line of business.
In fact, healthcare and government websites are common victims, not just multi-million dollar platforms like Amazon, Twitter, etc.
Aside from coming up with detailed response plans to help them mitigate the attack, companies should also invest more in DDoS protection.
In addition, cybersecurity companies and ISP providers need to develop better vetting practices and defenses.
Tech manufacturers will also have to work on improving the security of their IoT devices, making them more resilient to hacker attacks.
Anyhow, to prevent a DDoS attack, one must implement a multi-layer cybersecurity solution.
That involves increasing the bandwidth, setting up backup servers, keeping up with updates, constant monitoring of traffic, etc.
We also hope to see more helpful and easy-to-use DDoS security tools emerge in the near future.
Conclusion
The future might not seem the brightest, with the increase of DDoS popularity, more efficient and more destructive attack tactics.
However, we do have the technology required to fight them.
We only need to learn how to use it to our advantage.
All signs point to the fact that we need to pay more attention and invest more in DDoS research and protection.
(Helios IT Services Founder Stetson Blake highlights eight basic cyber-attacks and how to prevent them. Think that breaches only happen to large, news-worthy organizations? Watch the video and think again. These cyber-attacks are so basic, you just might miss them. You’ll learn how hackers approach your accounts and devices, but more importantly how you can educate yourself to prevent such events. Courtesy of CompTIA and YouTube.)
About the Author
MJ Shoer is SVP, Executive Director, CompTIA ISAO, at CompTIA, (the Computing Technology Industry Association), a world leading tech association with a mission to advance the global technology industry.
CompTIA ISAO is an Information Sharing and Analysis Organization which strives to raise the cybersecurity resilience of the global tech industry.
MJ has over 30 years’ experience in the IT industry, having founded and run an MSP for nearly 20 years before it was acquired as well as consulting with MSPs, SMBs and channel organizations.
(Learn More. CompTIA is here to help IT pros maximize their potential in IT. Learning potential, earning potential, you name it; we’ve got a place for you here. We’re committed to your IT career success and will be there throughout your IT journey. Courtesy of CompTIA and YouTube.)
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos
