Last year, two distributed denial of service (DDoS) attacks reached or exceeded 1 Tbps. But in 2017, that will change, as the number of 1 Tbps DDoS attacks increases 500 percent in 2017.
According to Deloitte Global “Technology, Media and Telecommunications Predictions 2017”, there will be 10 million DDoS attacks this year with an average size of 1.25 Gbps to 1.5 Gbps. More alarming, however, is Deloitte’s prediction that there will be one 1 Tbps-level DDoS attacks per month in 2017.
Overall, the report indicates DDoS attacks will be larger in scale, more frequent and harder to mitigate than in previous years. For example, the largest attacks on record in 2013, 2014 and 2015 reached 300 Gbps, 400 Gbps and 500 Gbps, respectively; while the first Tbps-level attack was recorded in 2016.
“DDoS is not a new topic for 2017, but the potential scale of the problem is,” Deloitte wrote in its report. “Any organization that is increasing its dependence on the Internet should be aware of a potential spike in the impact from such attacks.”
What’s Driving this Growth?
According to Deloitte, three factors are fuelling the growth in scale, severity and frequency of large DDoS attacks.
First, threat actors are using the growing install base of unsecured Internet of Things (IoT) devices such as connected cameras and digital video recorders to build botnets with which to launch large attacks. One of 2016’s 1 Tbps DDoS attacks was carried out by a network of hundreds of thousands of hijacked wireless cameras.
Second, it’s becoming much easier for threat actors to launch attacks. Through what’s being called “deskilling”, relatively unskilled attackers can now launch attacks on their own through the online availability of malware methodologies, such as Mirai, which was used to carry out some of the largest attacks last year.
Third, high-speed bandwidth is ubiquitous, empowering botnets to send much more junk data with greater speeds, thus intensifying attacks.
Protection for the Terabit-Attack Era
Now more than ever, your organisation requires a high-performance solution with the capacity and density to detect and mitigate massive DDoS attacks. Deloitte recommends leveraging a powerful DDoS protection solution to prevent being taken down by one of these monstrous attacks.
An effective Threat Protection System (TPS) detects and mitigates attacks at the network edge and is the first line of defence for your network infrastructure against these large-scale DDoS attacks. It delivers agile, efficient and network-wide protection against the full spectrum of DDoS attacks, including challenging multi-vector attacks that use a combination of high-rate volumetric or network protocol attacks and more sophisticated application attacks. A10’s TPS 14045, for example, can mitigate attacks of up to 300 Gbps with just 3 RUs, and can be deployed in a cluster to handle up to 2.4 Tbps. Effective TPS offers a multi-tiered architecture offloads common attack vectors to specialised hardware, offloading the CPUs to focus on complex application layer attacks.