Skip to main content
Articles

What can be expected from DDoS attacks in 2018?

By February 2, 2018#!31Sat, 02 Mar 2019 20:17:48 -0300p4831#31Sat, 02 Mar 2019 20:17:48 -0300p-8America/Sao_Paulo3131America/Sao_Paulox31 02pm31pm-31Sat, 02 Mar 2019 20:17:48 -0300p8America/Sao_Paulo3131America/Sao_Paulox312019Sat, 02 Mar 2019 20:17:48 -0300178173pmSaturday=904#!31Sat, 02 Mar 2019 20:17:48 -0300pAmerica/Sao_Paulo3#March 2nd, 2019#!31Sat, 02 Mar 2019 20:17:48 -0300p4831#/31Sat, 02 Mar 2019 20:17:48 -0300p-8America/Sao_Paulo3131America/Sao_Paulox31#!31Sat, 02 Mar 2019 20:17:48 -0300pAmerica/Sao_Paulo3#No Comments

2017 will be remembered as the year of massive data breaches, state-sponsored attacks, numerous ransomware threats and more phishing scams we can count. But it also marked a turning point for the DDoS landscape

A research revealed that the number of DDoS attacks almost doubled in the second half of the year, with many companies now experiencing an average of 8 attacks per day. This problem is exacerbated by the reality that DDoS attacks have become far more complex and deceptive in recent years. They are no longer simply designed to deny service, but to deny security, by acting as a camouflage to mask other malicious activities - usually data theft and network infiltration.

As a result, we also saw steady growth during 2017 in the number of Ransom-related DDoS threats (RDoS), and DDoS attacks involving multiple different attack vectors.

So how likely is this landscape to change in 2018? This article outlines our top predictions for DDoS attacks in the year ahead and offers advice on how organizations can best protect their networks, devices and data from the evolving threats.

Larger, more frequent DDoS attacks on cryptocurrency platforms

The gold rush has dominated the news agenda and been the buzz word in financial markets around the world during 2017. But, investors flock to these platforms, they have also become a hot target for cybercriminals looking to exploit the vast wealth and formative security policies in use. DDoS attacks against cryptocurrencies have been a common occurrence as of late, crippling the exchanges.

At the end of last year, we witnessed several distributed denial of service attacks on such platforms, including two subsequent attacks on the cryptocurrencies exchange Bitfinex and another one on the UK cryptocurrency start-up Electroneum.

With the growing popularity of digital currencies, the volume of these attacks is likely to increase dramatically during 2018. In the future, DDoS attacks against digital currency could be used to manipulate the exchange market or the targeted currency, as a component of a broader attack. .

For example, they could prevent traders from logging into accounts and making transactions, causing the value to drop. Attackers could then buy as much as they can while the price is low - impacting the overall value of the currency.

DDoS protection for industrial systems in the face of NIS penalties

2018 is set to be an important year in terms of cyber security compliance, with the European General Data Protection Regulation (GDPR) at the front of many of our minds as we start the year. But for critical infrastructure organizations, the NIS Directive will be the one to worry about, with significant fines on the horizon if they experience service outages that impact the delivery of essential services.

In the US, the next wave of NIST guidelines could impact how Federal agencies safeguard the information contained in their systems, ensuring that these systems operate securely and reliably.

Across all parts of national critical infrastructure, there are a greater number of sophisticated and damaging cyber threats, which are often believed to be the work of foreign governments seeking to cause political upheaval or a tactical advantage in the growing theater of cyberwarfare. DDoS attacks against the transport network in Sweden recently caused train delays and disrupted travel services, while the WannaCry ransomware attacks in May demonstrated the ability to cyber attacks to impact people's access to essential services.

Given the capacity for cyber-attacks against critical infrastructure to cause huge social disruption, we are likely to see an increase in these during 2018, with providers needing to ensure they have rigorous defenses in place.

The dangers of poor hybrid cloud security

While the hybrid cloud concept introduces new architecture considerations such as data migration, multi-cloud management, and distributed security models, it also presents new complications as far as security is concerned.

Poor security within hybrid clouds could leave organizations vulnerable to DDoS attacks and secondary malware infections. Enterprise architectures evolve into services and virtualization deployments across heterogeneous environments, standardized protection against the evolving cyber threat landscape has never been more critical.

These steady migrations will require a comprehensive cyber security strategy to properly protect against the evolving threat landscape, including DDoS. Layered security strategies must meet the demands of innovative organizations. Their move toward public and private clouds must be elastic to deploy and scale as needed.

Best practices

To keep up with the growing sophistication and organization of well-equipped and well-funded threat actors, it's essential that organizations maintain a comprehensive visibility across their networks in order to spot and resolve any potential incursions as they arise.

During the year ahead, DDoS attacks will continue to be recognized as a complex, evolving threat that is often used as part of a wider assault on an organization's cyber defenses.

A strong security posture involves having a single crash of glass over which IT teams can correlate the DDoS activity with any other threats they are seeing. It is only by deploying an always-on DDoS mitigation system, which can detect and mitigate all DDoS attacks as they occur, as part of a broader defense-in-depth security strategy that security teams can protect themselves from the threats posed by cybercriminals.

 

Source: information-age.com

Leave a Reply