Fighting Back Against Powerful New DDoS Attack Vectors

By Tom Bienkowski, Director of Product Marketing, NETSCOUT

Conniving hackers are launching sophisticated Distributed Denial of Service (DDoS) attacks more quickly, which presents many risks for enterprises. Research shows there were 8.4 million DDoS attacks globally over the last year alone. That’s 23,000 attacks every day and 16 each minute.

These sophisticated attacks can easily breach enterprise defenses and wreak havoc because bad actors are relentlessly uncovering and exploiting dangerous new vectors, especially on IoT devices. Service providers need to defend themselves and protect their customers by getting greater insight and visibility into these threats.

The Modern DDoS Attack Landscape

The Internet of Things (IoT) has changed everything about DDoS attacks. Before IoT, hackers would scan the web for vulnerable network hosts with lax security, weak passwords, or neglected systems that they could compromise.

Not only do IoT devices share some of these vulnerabilities, but they also have a much weaker security posture overall. They are often far less secure out of the box because that makes deployment easier. Many use default or weak passwords and rely on older protocols without built-in firewalls, direct user interfaces, or automated patching. Finally, manufacturers usually sell these items at low margins, so they have little incentive to enhance security or fix issues.

Since the Mirai malware went live in 2016, hackers have developed many different IoT-based DDoS attack strains. These botnets discover newly connected devices within 60 seconds of them going online and weaponize everything from smartphones to smart homes. Even worse, hackers can now target entire IP address ranges by combining multiple vectors or overwhelming systems through short, sustained DDoS attacks.

These budding Mr. Robots and Lisbeth Salanders also have a much larger pool of victims to choose from, along with seemingly unlimited resources. That allows them to change tactics on the fly while accessing more attack surfaces through cloud services and mobile networks.

Hackers who use these sophisticated methods make it harder to contain the damage. Cybercriminals deploy attacks as a smokescreen while they invade systems and access massive amounts of sensitive data. They then distribute it widely, which can lead to severe financial losses.

Enterprise IT teams must employ advanced defense strategies to analyze and fight back against these threats. Telecommunications carriers and processing centers specifically are subject to more hacks, which can target both the providers themselves and their customers. Because of this, all parties need to plan for the worst by using smart data to optimize security.

Organizations Can Update, Innovate, and Evolve

Even the most well-prepared companies should maintain constant vigilance against formidable online threats. The digital world has changed rapidly in recent years, so organizations need to protect all their distributed environments, both on-premises and in the cloud, by employing DDoS prevention solutions.

IT teams will increase their chances of successfully countering opponents if they connect and collaborate while simplifying workflows and staying resilient. These professionals should routinely secure vulnerable hardware and software to ensure only legitimate users can access those services. They also need to monitor all traffic and respond immediately if suspicious vectors appear.

Enterprises should further conduct regular attack mitigation drills and employ automated detection tools during normal operations. That way, staff can evolve internal processes to defend networks and respond swiftly to cyber threats using the proper protocols.

Business leaders also need to ensure they don’t put a lid on staff innovation after hacks occur. When companies suffer lengthy outages following cyberattacks, some C-suite leaders think twice about adopting any new technologies.

That’s a dangerous proposition since businesses end up trailing the competition. Organizations need to encourage the use of modern tools that protect industries while decreasing risk.

Today’s hackers have more dangerous vectors in their arsenals than ever before, and they know how to deploy them for maximum impact. The good news is that when enterprises deploy the right tools, they can fight back. By using innovative solutions that keep assets safe, cybersecurity teams will defend their systems from DDoS attacks for years to come.

About the Author

Tom Bienkowski has been in the network and security field for over 20 years. During this time, he worked for large enterprises as a Network Engineer and for multiple network management and security vendors where he has had roles in Sales Engineering/Management, Technical Field Marketing, and Product Management. He currently serves as Director of Product Marketing focusing on NETSCOUT’s industry-leading DDoS protection solutions.