Skip to main content

Smokescreens, ransoms and ISPs: DDoS predictions for 2016

Corero Network Security (opens in new tab) has released its predictions for 2016, foreseeing DDoS attacks being used as smokescreens, ransom demands tripling and an increased role from ISPs in defending against DDoS attacks.

The security company predicts that 'Dark DDoS attacks' will come into force, used as a smokescreen to distract IT teams while other viruses infiltrate networks to steal sensitive data.

Dave Larson, COO at Corero Network Security, explains: "The highly sophisticated, adaptive and powerful Dark DDoS attack will grow exponentially next year as criminals build on their previous successes of using DDoS attacks as a distraction technique. The Carphone Warehouse attack in August was interesting because it was one of the first publicly reported cases of ‘Dark DDoS’ in the public domain. This is a new frontier for DDoS attacks and a growing threat for any Internet-connected business that is housing sensitive data, such as credit card details or other personally identifiable information.

"Traditional approaches to DDoS defence simply cannot catch these sophisticated attacks – only by using an always-on, inline DDoS mitigation solution that automatically removes the threat and provides real-time visibility will IT teams be able to harden their security perimeter to deal with this emerging security threat."

Ransom demands

During October 2015, Corero found that 10 per cent of its customer base was targeted by the threat of website attacks unless a Bitcoin ransom demand was paid and, if the volume of DDoS attacks continues to grow at the current rate of 32 per cent per quarter, the volume of Bitcoin ransom demands could triple to 30 per cent by the end of 2016.

Dave Larson said: "Just one highly publicised participant will further fuel the epidemic by causing these demands to spread like wildfire. By deploying in-line, real-time DDoS mitigation tools, properly prepared organisations can stem this tide by refusing the ransom requests, secure in the knowledge that they are protected and can withstand the storm."

This rise is being fuelled by the increased automation of DDoS attacks, which allow cyber criminals to carry out large-scale, multi-vector attacks "for as little as $6 a month."

The role of ISPs

Another key trend Corero has predicted for 2016 is that ISPs will play an increased role in providing DDoS mitigation services to their customers.

In a survey it carried out in the Autumn, Corero found that 75 per cent of enterprise customers would like their ISP to provide additional security services to eliminate DDoS traffic. Furthermore, more than half of respondents would be willing to pay between 5-10 per cent of their current ISP spend on a premium DDoS service.

Dave Larson continues: "The current status quo allows malicious traffic carrying DDoS threats to flow freely over most provider networks. As a result, most customers end up paying their provider for bandwidth that delivers potentially dangerous Internet content. But the technology exists for ISPs to turn this problem into a business opportunity. By providing DDoS mitigation tools as a service, deployed at the Internet edge, they can defeat this problem before it enters their customers’ networks.


"This also offers the potential for a real shake-up of the broadband market, since smaller Tier 3 providers could legitimately leapfrog larger Tier 1 providers by installing real-time, in-line DDoS protection.

"If larger providers continue to rely on their existing scrubbing centre solutions, which miss the majority of low-bandwidth, sub-saturating attacks, smaller Tier 3 providers could rapidly increase their market share by offering a service which customers clearly want."

Image source: Shutterstock/ (opens in new tab)Profit_Image (opens in new tab)

Sam is Head of Content at Red Lorry Yellow Lorry, and has more than six years' experience as a reporter and content writer, having held the positions of Production Editor, Staff Writer, and Senior Business Writer at ITProPortal.