According to Nokia Deepfield, daily DDoS peak traffic increased by 100% between Jan 2020 and May 2021. Poorly secured IoT devices and Cloud are to blame, according to the CTO of Nokia Deepfield.
Nokia’s Data Analytics arm analyzed network traffic through their fingerprint and origin analysis in partnership with global service providers, webscale companies, and digital enterprises. Craig Labovitz, the CTO of Nokia Deepfield, showcased the findings of the company’s global DDoS traffic analysis at NANOG82 this week.
The analysis showed a sharp spike in DDoS traffic and found that the majority of high-bandwidth, volumetric DDoS attacks originated from a few dozen hosting companies.
Labovitz told ZDNet that conventional wisdom has it that DDoS attacks originating from all over the Internet can’t be stopped.
“But conventional wisdom is wrong. We can stop the vast majority of DDoS within these 50 companies (e.g. if the hosting companies block bad customers) or by actions taken within the 10-15 internet service providers that connect these hosting companies to the Internet,” he said.
Security researchers also discovered the potential of DDoS attacks to reach over 10 Tbps bandwidth, a threat level that is five times higher than the largest reported DDoS attack. That attack took place in 2017, when Google dealt with a massive 2.54 Tbps attack that was launched by a Chinese state-sponsored group.
The rise in the number of attacks was largely due to the increasing number of Internet of Things (IoT) devices and “open and insecure internet services,” according to Nokia Deepfield.
According to Labovitz, the exponential growth of the Internet of Things and Cloud and an increasing number of IoT devices without the necessary security measures have raised the level of DDoS attacks significantly. Meanwhile, the exponential growth of DDoS attacks is threatening the stability of the whole Internet.
“The second main point of my presentation today is that the exponential DDoS growth curve represents an existential threat to the Internet. This is due to the expanding number of servers (that can be exploited for launching DDoS) and a large number of IoT devices with sub-standard or default security (therefore, open to hijacking and botnet-control),” Labovitz said.