Posted on June 16, 2021 at 4:12 PM
Many tech companies are facing an increased level of cyber threats, especially those connected to distributed denial of service (DDoS) attacks. In line with this, Nokia’s data analytics arm, Nokia Deepfield, has made an interesting observation.
The security team recently disclosed its global DDoS traffic analysis from January 2020 to May 2021.
The team said daily DDoS traffic increased by 100% between the period due to the high number of poorly secured IoT devices and the Cloud.
The company analyzed network traffic via its origin and fingerprint analysis in collaboration with digital enterprises, webscale companies, and global service providers. Chief Technology Officer of Nokia Deepfield, Craig Labovitz, presented the findings from global DDoS traffic analysis.
Most attacks came from a few dozen companies
Based on the analysis, most of the high-bandwidth attacks came from a few dozens of hosting companies.
The study analyzed the overall changes in internet traffic patterns when it comes to firms providing residential broadband services and content delivery networks.
According to the findings, there has been a rapid change in consumption patterns in line with the service provider traffic due to the high demand for broadband connectivity with the COVID-19 era.
While a streamlined infrastructure was in place, Nokia Deepfield still encountered a more than 100% increase in the daily traffic.
Most DDoS attacks can be stopped
Labovitz also stated that conventional wisdom may conclude that it is virtually impossible to stop DDoS attacks coming from all over the internet.
“But conventional wisdom is wrong,” he said, adding that most of the DDoS attacks within the dozens of companies can be stopped or prevented. It can also be stopped based on the actions taken by the internet service providers (ISPs) that give connection to these companies.
The researchers also stated that DDoS attacks now have a threat potential of more than 10 Tbps, which is about 5 times bigger than the highest ever reported DDoS attack. According to Labovitz, the largest ever DDoS attack on an organization pumped traffic speed of about 2 Tbps.
However, Google revealed in 2017 that it had to deal with a state-backed attack from China that sent 2.54 Tbs of attack, which seems to be the largest ever reported.
Nokia Deepfield also stressed the major role vulnerable IoT devices have played to enable these DDoS attacks. Earlier last month, about 200 government and university websites in Belgium suffered DDoS attacks.
The team also found out that the DDoS attack gained more ground during the heat of the COVID-19 pandemic when most workers were directed to work from home.
DDoS attack rising exponentially
Labovitz has also noted that the growth curve of DDoS attacks is exponential because of these vulnerable devices.
It’s also a result of the high number of servers that can be exploited for launching DDoS as well as an increased number of IoT devices with default or sub-standard security. As a result, they are now more open to botnet control and hijacking, Lobovitz stated.
He stated that while the capability of a DDoS attack to hit 10 Tbps is evident, it’s share luck that such a number has not been witnessed before in any attack.
But organizations should be warned that DDoS attacks can hit such levels and even higher.
DDoS attacks have an immense negative impact on organizations
The threat of a DDoS attack should be taken very seriously because it can be highly detrimental to the day-to-day operation of the affected organization. It can cause severe harm to the service availability and connectivity framework on a large scale, which can lead to the loss of millions of dollars.
To tackle this issue, Nokia’s analysis team has advised organizations to consider upgrading their security infrastructure to quickly determine any imminent DDoS attack on the network. Organizations should use a highly functional system that will enable the streamlining and optimization of security outflows with high flexibility.
The security systems should also have a quick and accurate detection capacity to spot any impending attack before they become a big issue for the organization, the Nokia analytics team reiterated.
It’s also important that governments, regulators, cloud builders, vendors, and users understand the dangers of DDoS attack to protect their servers effectively.