One of 2016’s most memorable tech moments? The October cyberattack that crippled much of the American internet and earned the dubious distinction of being the largest of its kind in history. Think your business can breathe easy with that particular incident behind you? Think again. According to a recent report from Deloitte, we can expect more of the same—and potentially worse—in 2017. Here’s what you need to know.
The 411 on DDoS Attacks
October’s global distributed denial-of-service ("DDoS") assault on cloud-based internet provider Dyn not only brought down sites including Etsy, Reddit, Twitter and Spotify, but also resulted in internet outages all over the world. Described by The Telegraph as “one of the most potent tools in a cyber criminal's arsenal,” DDoS attacks involve the hijacking of tens of thousands of compromised computers, “AKA botnets,” to attack a single target, such as a website, server or other network resource.
Explains Gizmodo, “DDoS attacks, at the most basic level, work like this. An attacker sends a flurry of packets, essentially just garbage data, to an intended recipient. In this case, the recipient was Dyn’s DNS servers. The server is overwhelmed with the garbage packets, and can’t handle the incoming connections, eventually slowing down significantly or totally shutting down.”
The result? Not only do businesses come grinding to a temporary halt, but the repercussions linger in the form of decreased consumer trust. After all, if it happened before, what will stop it from happening again?
A Growing Problem
As it turns out, consumers have a right to be wary: According to a breadth and depth of tech security experts, last year’s massive DDoS attack was just a harbinger of things to come. The latest to weigh in? Deloitte UK’s technology, media and telecommunications (TMT) practice, which recently predicted that in the year ahead DDoS attacks “will become larger in scale, harder to mitigate, and more frequent.”
Says Deloitte UK head of cyber risk services Phill Everson, “DDoS attacks will not only scale up this year to a terabit per second in some instances, but also increase in frequency to a total of 10 million attacks. The volume and scale of such breaches would challenge the defenses of organizations, regardless of size. This escalation in the DDoS threat is largely due to the growing number of vulnerable IoT devices and online availability of IOT-focused malware (both of which allow relatively unskilled attackers to hijack IoT devices and use them to launch attacks), as well as access to ever higher bandwidth speeds.”
The mandate for businesses of all sizes, according to Everson? The need to both “acknowledge the growing DDoS threat and consider how best to handle attacks of these magnitudes.” In addition to fortifying your internal defenses through the implementation of heightened cybersecurity measures, adopting smarter communication strategies is also a vital part of mitigating damage during and after a DDoS attack.