The world has been going through significant changes: facing a global COVID-19 pandemic, researching how the SARS-CoV-2 virus works and then delivering a defense via vaccines to fight back. Similarly, in the world of cybersecurity, we saw many changes in the first half of 2021. A10 Networks’ recent report, H1 2021: The Global State of DDoS Weapons, sheds light on potential DDoS weapons and their behavior to ensure DDoS attacks can be mitigated regardless of the country or organization they belong to. The report provides detailed insights into the origins of DDoS activity, how easily and quickly modern malware can hijack IoT devices and convert them into malicious botnets, and what organizations can do to protect against such activities.
As per the report, while DDoS attacks kept growing in size and frequency, attackers particularly focused on low-volume attacks that ran for longer periods of time, frequently injecting attack traffic. These low-volume attacks helped them evade basic defensive measures, but low thresholds still had a significant impact on systems and operations. We also saw some positive changes, for example, a large-scale botnet takedown by an international operation across different continents. Organizations began paying a lot more attention to DDoS, raising awareness around the role of malware in DDoS attacks, and providing insights into how systems and operations can be protected from attacks, large or small.
Organizations are paying more attention to infectious malware, like Mozi. In fact, some vigilante groups have even started using DDoS attacks as a defensive measure, attacking systems that exhibit scanning behavior. A10 has seen this behavior exhibited on our own honeypots. While employing DDoS attacks against the attackers themselves might be considered controversial, it ultimately helps reduce DDoS attacks and the expansion of botnets.
Key Insights from the report:
In conclusion, cybercriminals and cyberattacks have been evolving at a steady pace. With each new attack and malware variant that comes out, we see new layers of sophistication in how IoT and smart devices are weaponized. While these attacks become more prevalent, one thing is quite obvious: they don’t go unnoticed. Now is the time to update our defensive strategies by incorporating the Zero Trust model and investing in modern, artificial intelligence/machine learning-based solutions that will not only defeat attacks in real time, but also protect against the unknown.