In the modern cyber threat landscape, distributed denial of service (DDoS) attacks are something witnessed all too often. They’ve been around for over 30 years now, wreaking havoc on systems and threatening every site on the Internet.
With the development of artificially intelligent technology, the frightening fact of the matter is that malicious actors will start to utilize artificial intelligence (AI) more and therefore DDoS attacks will become harder to defend against. Machines do not tire, get bored or generally make mistakes, meaning it will be increasingly harder to find a way to stop a DDoS attack.
To see what may happen in the future, we look into how automation in DDoS attacks has developed over time. Understanding this can help us better prepare our defence technologies.
Artificial Intelligence in DDoS: The history of automated DDoS attacks
Ever since DDoS began, the perpetrators have been finding ways to better their attacks, increasing the amount of automation used to decrease the amount of time and effort required. Initially, a single machine would send a single DoS attacking signature, sent manually by the controller. This very basic attack was improved by adding loops into the script to automatically repeat tasks without the attacker having to enter it.
The introduction of DDoS (Distributed Denial of Service) managed to spread the attack source, often using a series of infected computers known as botnets. This was the first major step in automating DDoS attacks as coming from multiple sources meaning the attack is harder to defend.
Malware spreading automatically became the next problem, making it substantially easier for bad actors to target multiple sources with minimal effort. This automatically infects a multitude of devices at one time with no human intervention. This, however, was the furthest anyone could get in malicious DDoS without a big change in the threat landscape.
This is where a new type of attack came in. Attackers started targeting the application layer instead of the network layer, as limited bandwidth made network attacks less effective. Reflection attacks started to increase in popularity, allowing actors to hide their identity and amplify the amount of traffic hitting the target system.
Over time a dangerous combination of different layers of attack came into play, forcing companies to step up their cybersecurity and DDoS mitigation solutions to better protect themselves. The introduction of DDoS for Hire sites, giving criminals access to botnets, made it even easier for criminals to access the tools to launch a DDoS attack – costing no more than £11 according to a recent report from the National Crime Agency.
A growing issue is the rise of IoT (Internet of Things) devices. If these are not secured properly, they can easily be exploited to create an army of botnets to launch DDoS attacks on unsuspecting targets. The problem of unsecured IoT devices is very prevalent today, due to increased uptake and usage.
The rise of AI in DDoS
The rise of Artificial Intelligence in everyday life means that automated DDoS attacks will soon become a reality. The whole concept of Artificial Intelligence means that machines are constantly learning; staying ahead of the game is ever more important as attacks are getting more advanced by the day.
A combination of malicious actors and AI technology could be a deadly combination, and security solutions should be prepared now to ensure they are able to fight back. Without any defences, major consequences could ensue for targeted sites.
You may also like: 2018 Cybersecurity Predictions – Big Bad Attacks on Automation
How to fight back
The rate at which DDoS technology has evolved over a relatively short period of time shows that it is vital that we get prepared now. Fighting a machine is hard, and it is clear the only way to combat a machine is with another machine. Advancing the AI used in DDoS mitigation and web application security solutions could drastically improve the detection and prevention of upcoming attacks.
Machine learning is a key feature to recognise in this situation. If your machine can automatically learn and keep evolving, you stand a much better chance of staying safe. The threat landscape is constantly evolving and keeping our mitigation systems the same as they are today will only end in disaster.
There are 2 types of machine learning; supervised and unsupervised. The first requires the machine to be fed with examples to be able to complete tasks; it is limited to the current threat landscape and what has happened in the past. The latter is much more proactive, after initial training it teaches itself how to do things.
Choosing the right type of machine learning is crucial in keeping up to date with the threats. If your system can only learn from past examples, how can it be expected to protect against a new kind of attack in the future?
The lesson from this blog is to be proactive. Leaving your DDoS mitigation systems to work by themselves will never be an effective protection as technology evolves. Regularly testing your mitigation and talking to vendors to understand the current market is a great way to stay ahead of the game.
activereach scours the national and international markets to find the best DDoS mitigation solutions to protect your business now and in the future. To find out what we can do for you, see our page on DDoS mitigation or give us a call on 0845 625 9025.