Corero research revealed that the number of DDoS attacks almost doubled in the second half of the year, with many companies now experiencing an average of 8 attacks per day. This problem is exacerbated by the reality that DDoS attacks have become far more complex and deceptive in recent years. They are no longer simply designed to deny service, but to deny security, by acting as a camouflage to mask other malicious activities – usually data theft and network infiltration.
As a result, 2017 also saw steady growth in the number of ransom-related DDoS threats (RDoS) and in DDoS attacks involving multiple attack vectors.
So how is this landscape likely to change in 2018? This article outlines our top predictions for DDoS attacks in the year ahead and offers advice about how organisations can best protect their networks, devices and data from the evolving threats.
Larger, more frequent DDoS attacks on cryptocurrency platforms
The cryptocurrency gold rush dominated the news agenda and was the buzzword in financial markets around the world during 2017. But as investors flock to these platforms, they have also become a hot target for cybercriminals looking to exploit the vast wealth and still-developing security policies in use. DDoS attacks against cryptocurrencies have been a common occurrence of late, crippling the exchanges.
At the end of last year, we witnessed several distributed denial of service attacks on such platforms, including two subsequent attacks on the cryptocurrency exchange Bitfinex and another one on the UK cryptocurrency start-up Electroneum.
With the growing popularity of digital currencies, the volume of these attacks is likely to increase dramatically during 2018. In the future, DDoS attacks against digital currency could be utilised to manipulate the exchange market or the targeted currency, as a component of a broader attack.
For example, they could prevent traders from logging into accounts and making transactions, causing the value to drop. Attackers could then buy as much as they can while the price is low – impacting the overall value of the currency.
DDoS protection for industrial systems in the face of NIS penalties
2018 is set to be an important year in terms of cyber security compliance, with the European General Data Protection Regulation (GDPR) at the front of many of our minds as we start the year. But for critical infrastructure organisations, the NIS Directive will be the one to worry about, with significant fines on the horizon if they experience service outages that impact the delivery of essential services.
In the US, the next wave of NIST guidelines could impact how Federal agencies safeguard the information contained in their systems, ensuring that these systems operate securely and reliably.
Across all parts of national critical infrastructure, there is a greater number of sophisticated and damaging cyber threats, which are often believed to be the work of foreign governments seeking to cause political upheaval or gain a tactical advantage in the growing theatre of cyberwarfare. DDoS attacks against the transport network in Sweden recently caused train delays and disrupted travel services, while the WannaCry ransomware attacks in May demonstrated the capacity for cyber attacks to impact people’s access to essential services.
Given the capacity for cyber-attacks against critical infrastructure to cause enormous social disruption, we are likely to see an increase in these during 2018, with providers needing to ensure they have rigorous defences in place.
The dangers of poor hybrid cloud security
While the hybrid cloud concept introduces new architecture considerations such as data migration, multi-cloud management, and distributed security models, it also presents new complications as far as security is concerned.
Poor security within hybrid clouds could leave organisations vulnerable to DDoS attacks and secondary malware infections. As enterprise architectures evolve into services and virtualization deployments across heterogeneous environments, standardised protection against the evolving cyber threat landscape has never been more critical.
These steady migrations will require a comprehensive cyber security strategy to properly protect against the evolving threat landscape, including DDoS. Layered security strategies must meet the demands of innovative organisations. Their move toward public and private clouds must be elastic to deploy and scale as needed.
Best practices
To keep up with the growing sophistication and organisation of well-equipped and well-funded threat actors, it’s essential that organisations maintain comprehensive visibility across their networks in order to spot and resolve any potential incursions as they arise.
During the year ahead, DDoS attacks will continue to be recognised as a complex, evolving threat that is often used as part of a wider assault on an organisation’s cyber defences.
A strong security posture involves having a single pane of glass over which IT teams can correlate the DDoS activity with any other threats they are seeing. It is only by deploying an always-on DDoS mitigation system, which can detect and mitigate all DDoS attacks as they occur, as part of a broader defence-in-depth security strategy that security teams can protect themselves from the threats posed by cybercriminals.
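The correlation described above can be sketched in a few lines. This is an added example, not code from Corero or the article: it matches alerts from other security tools against DDoS detection windows so that activity hidden behind an attack is triaged first. The event fields, the sample records and the 15-minute margin are all assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the article): DDoS detections and
# alerts from other security tools, as they might arrive in one console.
DDOS_EVENTS = [
    {"id": "ddos-1", "start": "2018-01-10T02:00:00", "end": "2018-01-10T02:20:00"},
    {"id": "ddos-2", "start": "2018-01-11T14:05:00", "end": "2018-01-11T14:09:00"},
]
OTHER_ALERTS = [
    {"time": "2018-01-10T01:10:00", "source": "ids", "name": "port scan"},
    {"time": "2018-01-10T02:07:00", "source": "dlp", "name": "large outbound transfer"},
    {"time": "2018-01-10T02:31:00", "source": "auth", "name": "admin login from new host"},
    {"time": "2018-01-11T18:00:00", "source": "ids", "name": "malware beacon"},
]

def correlate(ddos_events, alerts, margin_minutes=15):
    """Return {ddos id: [alerts]} for alerts that fall inside each DDoS
    window, widened by margin_minutes on both sides (an assumed margin)."""
    margin = timedelta(minutes=margin_minutes)
    parsed = sorted(
        ((datetime.fromisoformat(a["time"]), a) for a in alerts),
        key=lambda pair: pair[0],
    )
    result = {}
    for ev in ddos_events:
        lo = datetime.fromisoformat(ev["start"]) - margin
        hi = datetime.fromisoformat(ev["end"]) + margin
        result[ev["id"]] = [a for t, a in parsed if lo <= t <= hi]
    return result

def triage_order(correlated):
    """DDoS events with the most concurrent non-DDoS alerts come first."""
    return sorted(correlated, key=lambda k: len(correlated[k]), reverse=True)

if __name__ == "__main__":
    hits = correlate(DDOS_EVENTS, OTHER_ALERTS)
    for ddos_id in triage_order(hits):
        print(ddos_id, [f'{a["source"]}: {a["name"]}' for a in hits[ddos_id]])
```
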
Sourced by Sean Newman, director at Corero Network Security