The drastic increase in 5G devices in Germany, Austria and Switzerland offers an attractive target for modern, complex DDoS attacks.
The number of 5G mobile devices, both for home use and for the Internet of Things (IoT), is expected to see a massive increase of 12,720 percent, from 12.6 million in 2019 to an expected 1.6 billion by the end of 2023.
Wireless telecommunications: 79 percent more DDoS attacks
This growth plays into the hands of cybercriminals: poorly protected 5G and IoT devices represent potential network access points that can be compromised by attackers, added to a botnet and then used for DDoS (Distributed Denial of Service) attacks. In this context, the number of DDoS attacks in the wireless telecommunications sector has increased by 79 percent worldwide since 2020. These attacks currently account for around 20 percent of all DDoS attacks.
According to the current DDoS Threat Intelligence Report, the DDoS attacks on wireless telecommunications service providers in Germany, Switzerland and Austria are distributed as follows in the second half of 2022:
- Germany: 51,307 attacks
- Switzerland: 1,124 attacks
- Austria: 39 attacks
Wired networks more popular target
80 to 90 percent of all DDoS attacks come from wired networks. This magnitude is also related to the progressive introduction of 5G for the home. In Switzerland and Austria, wired telecommunications service providers were a far more popular target for attackers. Nevertheless, Germany leads the ranking in this industry:
- Germany: 9,533 attacks
- Austria: 7,611 attacks
- Switzerland: 5,491 attacks
Tactically sophisticated attacks
Cybercriminals are very strategic with these DDoS attacks and choose different attack vectors for maximum effectiveness. To do this, they determine what protections a company network has, select appropriate vectors to bypass this protection and observe how the company mitigates these attack vectors. If the target is able to repel the attack, the cybercriminals select a whole new set of vectors for the next attempt.
These adaptive, dynamic, multi-vector DDoS attacks render traditional enterprise defense strategies obsolete and require a real-time view of Internet traffic on a global scale—even taking into account geopolitical conflicts.
New attack trends
By observing global Internet traffic, new attack trends and DDoS characteristics can be identified. Taking these into account, one can predict which DDoS botnet host or abusive server may be the source of an attack. Combined with this, every organization should have automated defenses in place that block observed DDoS traffic while leaving legitimate traffic untouched.
Network outages are often associated with DDoS attacks
All in all, it is advisable for companies to set up hybrid protection. This should combine customizable on-premises protection for services with upstream protection in the cloud that identifies and mitigates attacks of any magnitude – even the smallest attacks, which can drown in a tide of terabits and go unnoticed by many organizations.
Businesses tend to claim they don't have a DDoS problem because they can't detect attacks, yet they experience network failures and resort to a reboot. These incidents are often related to small DDoS attacks that last only a few minutes and go undetected in the mass of traffic. With a hybrid protection model, organizations are able to see DDoS attacks, no matter how small, detect the gap in their protections, respond to the attacks and, most importantly, proactively mitigate them.
Directly to the report at Netscout.com
About NETSCOUT
NETSCOUT SYSTEMS, INC. helps secure digital business services against security, availability and service disruptions. Our market and technology leadership is based on the combination of our patented smart data technology with intelligent analytics. We provide the comprehensive, real-time insight that customers need to accelerate and secure their digital transformation. Our advanced Omnis® cybersecurity platform for threat detection and mitigation offers comprehensive network visibility, threat detection, contextual investigations and automated mitigation at the network edge.