Dave Larson continues: " Just one highly publicised participant will further fuel the epidemic by causing these demands to spread like wildfire. By deploying in-line, real-time DDoS mitigation tools, properly prepared organisations can stem this tide by refusing the ransom requests, secure in the knowledge that they are protected and can withstand the storm."The growth is being fuelled by the increased automation of DDoS attacks, which allows cyber criminals to enact hybrid, multi-vector attacks and expand their reach on an industrial scale. The Armada Collective cyber attackers recently claimed that their DDoS attacks can be as powerful as one Terabit per second, but the increasing industrialisation of DDoS attacks could soon reap even larger attacks. Corero's Security Operations Centre is already seeing a rise in automated DDoS tools being deployed. In these situations, attackers leverage one attack technique, such as a DNS flood, and if unsuccessful, automatically enact a second technique, such as an UDP flood, and keep leveraging different attack techniques automatically until their target's Internet service is successfully denied. Dave Larson continues: "Lizard Squad is already selling DDoS attacks-as-a-service for as little as $6 a month. To expedite the process, opportunistic cyber criminals may already be developing ransom kits to allow ransom demands to be automated even further. These attack tools know when they're successful and they react in real-time. This level of automation works faster than humans and requires in-line, always-on, DDoS mitigation tools to provide a robust defence. "The Internet of Things further exacerbates this problem by providing a proliferation of rarely secured end points which are vulnerable to attack. This provides a growing domain of potential botnets and means that there is no limit to the scale of future attacks." ISPs and their role in mitigating DDoS attacks Another key trend that Corero anticipates in 2016 will be the increased role of ISPs in providing DDoS mitigation services to their customers. In a survey conducted this autumn, Corero revealed that three quarters (75%) of enterprise customers would like their ISP to provide additional security services to eliminate DDoS traffic from entering their networks. In addition, more than half of respondents confirmed that they would be willing to pay between 5-10% of their current ISP spend for a premium service to eliminate DDoS attacks from their environment.
Dave Larson continues: " The current status quo allows malicious traffic carrying DDoS threats to flow freely over most provider networks. As a result, most customers end up paying their provider for bandwidth that delivers potentially dangerous Internet content. But the technology exists for ISPs to turn this problem into a business opportunity. By providing DDoS mitigation tools as a service, deployed at the Internet edge, they can defeat this problem before it enters their customers' networks."This also offers the potential for a real shake-up of the broadband market, since smaller Tier 3 providers could legitimately leapfrog larger Tier 1 providers by installing real-time, in-line DDoS protection. If larger providers continue to rely on their existing scrubbing centre solutions, which miss the majority of low-bandwidth, sub-saturating attacks, smaller Tier 3 providers could rapidly increase their market share by offering a service which customers clearly want."