By Robin Schmitt, General Manager, APAC at Neustar
Dec. 16, 2016
This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
In terms of Distributed Denial of Service (DDoS) activity, 2016 was a year like no other, truly unprecedented from start to finish. We've witnessed most disruptive DDoS attacks, including an 650Gbps attack on computer security journalist Brian Krebs' website, the attack on Dyn's DNS infrastructure, impacting high profile sites, and malicious attack on Singapore's telco company that caused major broadband disruption.
Worryingly, organisations in the Asia Pacific region are less prepared to deal with online threats. The region leads the field in the amount of damage left in the wake of a distributed denial of service (DDoS) attack, with 20 percent of APAC enterprises not even planning on investing more in DDoS defense according to the recent Neustar DDoS Attacks & Protection Report.
2016 was a year that will inevitably represent a watershed moment in cybersecurity. Unlike previous years where hackers did just enough to breach defenses, the waning months of 2016 brought forth a new, IoT-infused DDoS terror the likes of which we've never seen, but have been prophesying for years. It is imperative for organisations to invest in the right type of DDoS defence and collaborate with experts who can provide guidance on pre-emptive strategies
While we continue to examine the events of 2016, we're also maintaining a forward vision of what's coming in 2017. Here are the top three predictions of cybersecurity trends to expect in 2017:
1. Mirai was just the beginning
As now-published code that has morphed already from its initial incarnation, new strains and code variants will only increase attack size, complexity, and ferocity in 2017. Mirai type of attacks, those that reconnoiter and test credentials as part of an effort to compromise and enroll devices in botnet arsenals, will significantly shape DDoS attack strategies and experiences. As defenses continue to adapt and mitigate Mirai-based attacks, there will be a substantial ebb and flow in online combat as attackers and defenders work to one-up each other.
2. Conventional DDoS attacks continue to pose a significant threat
Multi-vector attacks are more prevalent as attackers demonstrate a trend of using botnets and techniques to better test and exercise their arsenals. From January 1 through November of 2016, 48 percent of the identified attacks that Neustar mitigated used multiple vectors. As the world focuses on Mirai, the quiet, targeted attacks will remain constant, steady, and dangerous.
3. New threats will be realised in 2017
The advent of IoT technology ubiquity and its exploitation is just one area in which attackers became more emboldened in 2016 as their actions resulted in highly publicised outages. The effectiveness of ransomware, phishing, and malware all reveal many inroads to creating lucrative chaos in organisations. Next year will produce unlimited opportunity and the potential for bad actors to achieve objectives that include theft, disruption, extortion, and impact.