While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work.
In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, and one of the largest known denial-of-service attacks hit major internet companies in October.
The same group of bad actors - Anonymous Sudan - has taken credit for both the ChatGPT attack as well as the one that hit Cloudflare in October.
While DDoS attacks historically stemmed from vulnerabilities in Internet protocols, the focus later shifted to Internet of Things devices.
It's time to take a closer look at why these attacks are back with a vengeance and how to make sure your organization's anti-DDoS strategy is well-bolstered.
History Repeats Itself Mirai, one of the largest-scale DDoS attacks back in 2016 and 2017, heralded a shift in attack methods that continues today.
Bad actors launch attacks on device vulnerabilities, infect them en masse, and then use them to execute DDoS attacks.
The IoT Pain Point Vulnerable IoT will continue to contribute to the rise in DDoS attacks.
New tech vendors without experience in securing devices are entering the market - and their devices are coming online in waves.
That means there will be more DDoS attacks targeting IoT devices.
The Dark Side of New Protocols IoT threats aren't the only concern on the DDoS front.
Every time a new Internet protocol is introduced, security pros gradually find and address new vulnerabilities.
As a result, issues in newly developed or older network protocols will continue to enable new denial-of-service attacks.
Staying Ahead of the Curve With DDoS and zero-days on the rise, cybersecurity professionals must take stronger steps to protect their organizations.
In a DDoS attack, traffic can be distributed across multiple resources, making it harder for attackers to overwhelm a single point of failure.
Design your network and infrastructure with failover mechanisms and redundancy to enable business continuity during an attack.
Implement flow monitoring tools like NetFlow or sFlow to gain visibility into traffic flows and identify potential DDoS attacks.
CDNs can absorb a significant portion of traffic during an attack.
As 2024 approaches, businesses must take the uptick in DDoS and zero-day attacks seriously.
If security leaders are tracking the risk, keeping an inventory of potentially vulnerable services and devices, and implementing the right security tooling and procedures outlined above, they stand a better fighting chance of mitigating the impact of DDoS and zero-days in the new year.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 28 Dec 2023 15:00:19 +0000