Network transformation is having a direct impact on cybersecurity. New and improved scalability, agility and bandwidth are benefiting not just legitimate users – but also bad actors. And service providers need to be prepared.
Service providers embrace edge-centric computing in their fixed and mobile networks to deliver better user experiences, better performance and emerging real-time services. However, more scalable infrastructures, high traffic bandwidth, advance connectivity, and different network architecture also impact the cybersecurity threat landscape. The same capabilities that allow service providers to raise the bar on performance and introduce new services also allow bad actors to execute larger, more sophisticated cyberattacks.
Network Transformation Impact
The findings of Radware’s 2021–2022 Global Threat Analysis Report show the real impact of network transformations on cyberattacks. Between 2020-2021, average DDoS attack volumes grew by 26%, and the number of malicious DDoS events increased by 37%. To safeguard their infrastructures from the rise in attacks, DDoS mitigation is a protective measure that service providers must implement. Two of the main types of DDoS threats are volumetric attacks and phantom floods attacks. While phantom flood attacks often fly below the radar of service providers, both types of attacks can be disruptive and must be addressed.
While less common, terabit attacks are still a threat. During the fourth quarter of 2021, Microsoft Azure reported three terabit attacks, one with a size of 3.47Tbps and two more above 2.5Tbps. Terabit attacks can overwhelm any internet uplinks. Once the uplinks are saturated, customers and partners are left without available service.
Multi-terabit attacks are not necessarily more effective or dangerous than gigabit attacks. In the first few weeks of 2022, during the Twitch Rivals SquidCraft Games event hosted in Andorra, a DDoS attack no larger than 100Gbps interrupted the connectivity of the entire country for hours on end.
Volumetric attacks are a by-product of the growth in traffic bandwidth. High bandwidth attacks can range from 10Gbps up to terabits. Service providers without the right DDoS protection can suffer from access and services outages, which can have a real impact on revenue.
Phantom Flood Attacks
Another growing DDoS trend is phantom floods attacks. Micro floods and other slower attacks, such as application-layer attacks, can go undetected and consume resources. Service providers and their end consumers are unaware of the constant increase of infrastructure resources, such as bandwidth, network, and server processing, until the service becomes cost-prohibitive.
DDoS Protection and Network Transformation
Networks and market requirements are constantly changing, As a result, new eco-systems, architectures and advanced solutions emerge, which all affect the DDoS threat landscape.
Service providers should seek DDoS security solutions that support new infrastructure innovations and requirements while overcoming the increasing intensity of large DDoS attacks and growing sophistication of phantom flood attacks.
Radware is Up to the Terabit Challenge
Radware’s new DefensePro 800 is the industry’s first terabit DDoS mitigation platform. It combines leading performance, technology and state-of-the-art protection to handle the ultra-high bandwidth threat landscape and deliver next-generation connectivity for emerging environments. Some of the benefits include:
- Industry leading performance– Armed with Radware’s new Hardware Mitigation Engine, DefensePro 800 is built to uniquely protect carriers’ most demanding environments, delivering a mitigation capacity up to 800Gbps and an attack prevention rate up to a 1.2B PPS.
- Industry leading technology– DefensePro800 is built to handle the growing capacity and connectivity requirements of future infrastructures with market-first 400G interfaces and high-port density.
- State-of-the-art DDoS protection – With patented, behavioral-based, and automated algorithms with granular and dynamic protection, DefensePro 800 can overcome multi-vector sophisticated attacks at any scale.
Radware’s new DefensePro 800 is designed to give service providers a secure foothold in the new terabit era.