1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Telecoms is evolving and unfortunately, so are DDoS attacks

    From TechnologyDaily@1337:1/100 to All on Thu Mar 21 15:15:06 2024
    Telecoms is evolving and unfortunately, so are DDoS attacks

    Date:
    Thu, 21 Mar 2024 15:04:21 +0000

    Description:
    Carpet bombing and downtime hell are slowly killing the reputation of telecoms.

    FULL STORY ======================================================================

    If you set up a Google news alert for DDoS (distributed denial-of-service), youd quickly be overwhelmed by the weekly attacks. Its been relentless for 25 years, and for telcos, which lie among the pile of victims, these attacks are growing more varied.

    Theyre getting larger, too. Its just that the form of these attacks against telcos is changing, largely spurred not just by the evolution of DDoS
    attacks, but also by the evolution of telecoms themselves. Lets examine the impact more closely. Death by downtimes

    Whatever conniving scheme a bad actor conjures up, the goal of any DDoS
    attack method is universally the same: overwhelm the target until they go offline.

    The two most common attack vectors of this include HTTPS Floods and NTP Amplifications. The former comprised one of five attacks and grew the average attack size by more than 180% in the last year. It sends servers into timeout hell with incessant answer requests for downtime. On the other hand, NTP Amplifications make up one in four attacks and similarly overflow servers
    with data to force downtime mode by exploiting a time-keeping protocol.

    These attacks are not just an inconvenience. In 2019, Facebooks 14-hour
    outage cost the company $90 million. This would be a killing stroke for a smaller company, but even the largest telcos are certainly not immune. If anything, theyre a tempting target for attackers because telcos (and their infrastructure) have evolved from being simple traffic carriers to underpinning business communications and critical infrastructure.

    From an attackers perspective, thats a lucratively massive attack surface. If you cut off a communication service providers (CSP) service-critical
    function, all its customers will fall like dominoes. Last year, we saw
    several cases of the havoc an outage could cause, including nearly half a million dollars in compensation claimed by customers affected by the Optus network outage.

    Thats just what the threat towards consumers looks like. The real scare will be how attackers use the effectiveness of this threat as a springboard to commit targeted acts that jeopardize national security . What carpet bombing with DDoS looks like

    Unfortunately, the evolution of telecoms infrastructure isnt the only thing exacerbating DDoS attacks. The attack methods are transforming into something far more specialized for telcos, as seen in bits and pieces attacks or as some call it, carpet bombing.

    Rather than flood a single system with repeat requests ad infinum, bits and pieces attacks mask their large influx of traffic by spreading smaller
    packets of requests amongst legitimate traffic across the whole network. This makes the junk traffic much harder for cybersecurity methods like thresholds and firewalls to detect.

    In some ways, this attack is more nefarious and devious than traditional attacks. It might not take its targets offline, but jamming the IP with bad traffic risks damaging the quality of service and potentially breaching customer agreements. Weve already established the monetary damage outages can cause, but bits and pieces present the risk of a far slower death to a telcos reputation, which relies entirely on the quality of its connectivity. Such loss would undoubtedly impact future business.

    You have a rather poisonous stew when you combine those bits and pieces with 5G and data-hungry AI -enabled applications . The traffic volume will grow significantly across networks, presenting even more hiding spots for these attacks. Light at the end of the (traffic) tunnel

    This means telcos have more problems with DDoS than ever before.

    Telcos arent oblivious to the threat. A report from A10 Networks in 2023 showed that IT professionals within CSPs are investing in strengthening network security against DDoS attacks. However, the advancements made to threat detection are matched by similar (if not greater) advancements on the DDoS threat actors' side.

    Telcos will need to apply some care in the protection they implement. Too little means exposing oneself to attacks, and too much will incur too high a cost that ultimately gets passed down to consumers in an already cruel global economy.

    To get themselves out of the mess, telcos will need to look towards turning this nasty security problem into their financial gain, integrating DDoS protection into their CSP product offerings. The result should be a powerful bundle that is just as much about managed security as connectivity. The best of both worlds is safer customers and a new revenue stream.

    We've featured the best productivity tool.

    This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro



    ======================================================================
    Link to news story: https://www.techradar.com/pro/telecoms-is-evolving-and-unfortunately-so-are-dd os-attacks


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)