The technology, media and telecommunications (TMT) practice at Deloitte predicts that in 2017 distributed denial-of-service (DDoS) attacks will become larger in scale, harder to mitigate, and more frequent.
Deloitte expects there will be on average a terabit/s attack per month and over 10 million attacks in total during the year. The average attack size will be between 1.25 and 1.5 gigabits per second of junk data being sent. An unmitigated Gbit/s attack (one whose impact was not contained), would be sufficient to take many organizations offline.
Phill Everson, Deloitte UK’s head of cyber risk services, said:
“A distributed denial of service (DDoS) attack aims to make a website or connected device inaccessible. DDoS attacks are the equivalent of hundreds of thousands of fake customers converging on a traditional shop at the same time. The shop struggles to identify genuine customers and quickly becomes overwhelmed. The consequence could see an online commerce site temporarily unable to transact, or a government site not able to process tax returns, for example.
“DDoS attacks will not only scale up this year to a terabit per second in some instances, but also increase in frequency to a total of 10 million attacks. The volume and scale of such breaches would challenge the defences of organizations, regardless of size.
“This escalation in the DDoS threat is largely due to the growing number of vulnerable IoT devices and online availability of IOT-focused malware (both of which allow relatively unskilled attackers to hijack IoT devices and use them to launch attacks), as well as access to ever higher bandwidth speeds.
“Businesses of all sizes should acknowledge the growing DDoS threat and consider how best to handle attacks of these magnitudes.”www.deloitte.co.uk