DDoS attacks were always a major threat to enterprises, and in recent years have become the leading cyber threat to organizations. As networks become more complex, DDoS attacks continue to evolve and grow in frequency and sophistication. The DDoS attack surface is constantly expanding: the dynamic nature of cloud environments and the workflows that accompany them make it easier for threat actors to bypass mitigation controls and launch attacks that severely impact an organization’s uptime. On average, 60% of businesses lose over $120,000 in downtime. 15% of organizations that suffered DDoS attacks lost well over $1 million USD, with some losing over $3 billion in market CAP losses. And these numbers are examples of losses stemming from very short intermittent DDoS attacks. Matthew Andriani, Founder and CEO of MazeBolt, supplied the key DDoS trends noticed in 2022 that are anticipated for 2023, as published in Cyber Defense Magazine’s February Edition.
Prediction 1: DDoS attack havoc will increase.
From the “Overwatch 2” gaming DDoS attack to the attack on Russia’s second-largest VTB bank, 2022 saw a variety of organizations suffering temporary outages. Heading into 2023, we will most likely see continued growth in DDoS attacks. Many official reports predict the total number of DDoS attacks will reach over 15 million by 2023, leaving organizations and customer data vulnerable. As the proliferation of DDoS as-a-service subscription can cost as little as $500 USD, it is easier for threat actors to anonymously launch devastating attacks and disrupt businesses’ uptime. Although governments are already taking down DDoS-as-a-service operators, it’s a drop in the ocean, and most likely new sites will pop up. Unless organizations achieve true visibility into their dynamic DDoS attack surface and build DDoS resilience through vulnerability closure, the whack-a-mole game between governments and operators will bear little fruit in the prevention of successful DDoS attacks.
Prediction 2: DDoS will become the weapon of choice for cyber warfare.
The Russia-Ukraine conflict taught us that attackers don’t need expensive and sophisticated anti-satellite weapon systems to cause chaos. In February, Russia launched a massive cyberattack against Viasat’s KA-SAT satellite internet network and took thousands of modems offline. According to a statement issued by the EU council, the attack “had a significant impact causing indiscriminate communication outages and disruptions across several public authorities, businesses, and users in Ukraine, as well as affecting several EU Member States.” DDoS attacks will turn into the weapon of mass disruption, and we’ll see more nation-state DDoS attacks unleashed – and probably more cyber carnage.
Prediction 3: Multi-vector attacks will rise and be more automated.
The DDoS vulnerability gap which exists in most organizations is huge. Automated sequences and switching attack vectors will become more frequent and sophisticated as they’re easy to implement and will increase an attacker’s chances by 50% to 99% of succeeding in most cases. As the dynamic DDoS attack surface keeps expanding, we’ll see more advanced attacks in relatively lower volumes and shorter frequencies. These attacks will easily bypass all layers of DDoS protections and inflict even more damage than traditional volumetric single-dimension attacks.
Prediction 4: Extortion will rise. The incentive is too great.
DDoS-as-a-Service has become common and successful, and it’s combined with damages running into the billions of dollars. Organizations and insurance companies pay reasonable extortion demands and it’s likely that many attackers already understand this. But we must remember that measuring the effects of ransom attacks is hard, as most companies being hit with a ransom DDoS attack do not report it. In 2022, there was a significant increase, over 60%, in organizations receiving ransom demands while experiencing DDoS attacks. To put it bluntly, if an attacker can drop a stock exchange, they can request a small fee for not doing so for days. Most CISOs, CEOs, and boards may pay a nominal fee.
Prediction 5: Growing damages will increase demand for accountability and action.
With more successful DDoS attacks wreaking havoc in organizations’ uptime, and damages impacting business’ bottom line, CISOs will seek a better understanding of their security investment and its impact. Furthermore, CISOs and boards will demand more assurances for DDoS protection contracts purchased, as well as visibility into their DDoS resilience. Organizations will identify vulnerabilities and push their mitigation vendors to move to a continuous remediation cycle when presented with such vulnerability information. Mitigation companies that achieve rapid remediation speed to identified vulnerabilities will gain a competitive advantage.
Prediction 6: Clear leaders in the DDoS industry will start to emerge.
In 2023, we’ll probably see DDoS mitigation vendors embrace technologies that provide them with DDoS vulnerability protection instead of just seeing the DDoS vulnerability data as an unsolvable issue. In 2023, a mitigation vendor that will not do that will knowingly put their customers at serious risk of a DDoS attack. Customers will begin to change such vendors who will find themselves as an outcast, and this is something we’ve been seeing happening during 2022.
Some of these predictions may seem gloomy, but the good news is that becoming DDoS resilient isn’t as difficult as one might imagine. Sure, the DDoS threat is growing, but with it grows the understanding that there are ways to defend organizations and networks against it. MazeBolt is pioneering a new standard in testing DDoS vulnerabilities that provides enterprises with full visibility into their dynamic DDoS attack surface. Its vulnerability solution, RADAR™ testing, continuously observes tens of thousands of potential DDoS attack entry points, identifying how attackers succeed in bypassing existing mitigation systems. The solution’s autonomous risk detection allows cybersecurity teams to go beyond traditional DDoS testing by continuously detecting, analyzing, and prioritizing remediation across the network with zero operational downtime. Global enterprises, including financial services, insurance, and governments rely on MazeBolt for full visibility into their DDoS security posture.