Cisco VNI: DDoS Attacks to Increase 2.5-Fold By 2021

Cisco VNI: DDoS Attacks to Increase 2.5-Fold By 2021

Global digital transformation will continue to have a significant impact on the demands and requirements of IP networks, and according to the latest Cisco Visual Networking Index (VNI), DDoS attacks will be one of the key concerns for the forecast period.

Cisco found that the number of DDoS attacks grew 172% in 2016, and expects that this will increase 2.5-fold to 3.1 million by 2021 globally.

Also, size matters: Already, the average DDoS attack size is increasing steadily and approaching 1.2Gbps—enough to take most organizations completely offline. This means that it has increased to 22%, which is relatively the same rate as internet traffic at 29% year over year.

The peak attack size however increased 60% year over year and represents up to 18% of a country’s total internet traffic while they are occurring, the VNI found.

“The fact that DDoS attacks are only going to increase even more, all businesses, both in and outside of the UK need to be vigilant in the face of it,” said Rob Norris, VP head of Enterprise & Cyber Security EMEIA at Fujitsu, via email. “To protect from DDoS attacks, organizations must understand the threat, risk and impact of DDoS attacks specific to their business and consider mitigation strategies based on good business continuity planning. From an industry perspective, industry peers need to share knowledge where appropriate, and keep government agencies informed; collaboration is key. It is a mixture of these solutions that will help deter hackers from launching a DDoS attack.”

The VNI predicts there to be a considerable increase in the attack surface and raw materials that could be used for DDoS though 2021, with average broadband speeds advancing from 27.5Mbps to 53Mbps, and internet of things (IoT) devices rising from 17.1 billion to 27.1 billion.

Over the forecast period, global IP traffic is expected to increase three-fold reaching an annual run rate of 3.3 zettabytes by 2021, up from an annual run rate of 1.2 zettabytes in 2016—providing a lot of infrastructure for DDoS actors to leverage.

In fact, for the first time in the 12 years of the forecast, machine-to-machine connections are calculated to be more than half of the total 27.1 billion devices and connections and will account for five% of global IP traffic by 2021. 

With the rise of connected applications such as health monitors, medicine dispensers and first-responder connectivity, the health vertical will be fastest-growing industry segment (30% CAGR), the report found. The connected car and connected cities applications will have the second-fastest growth (29% CAGRs respectively).

“As global digital transformation continues to impact billions of consumers and businesses, the network and security will be essential to support the future of the internet,” said Yvette Kanouff, SVP and GM of Service Provider Business, Cisco.

Some countries will be riper targets than others, depending on how advanced the architecture is.

“The UK is an attractive target for DDoS for two main reasons: Firstly because the UK is one of the world’s largest and most advanced economies,” said Norris. “It is one of the leading adopters of ‘digital enterprise models’, which as a result means it exposes a large surface of ‘UK PLC’ to the web to attack. The second factor is down to the mix of the UK economy and the service industries it focuses on such as financial services, IP-rich manufacturers, dynamic media and communications sectors, broad utility and transport industries. The key to all of these sectors is availability, and therefore the UK is an obvious target. A lot of business for ecommerce is done over the web, especially in retail and gambling, which means these industries are particularly at risk. As well as this, the UK’s time-zone overlaps with many advanced economies, making the UK a logistically juicy target due to our position as a global hub.”

Source: Information Security Magazine