Credit: The original article is published here.
Over the last year, threat actors have upped the ante with their plots to disrupt vital business and public services – and they have had increasingly successful outcomes. In fact, the UK government estimates that some of the most disruptive breaches cost businesses, of any size, an average of approximately £1,205. When looking at medium and large enterprises, this cost increases to approximately £10,830.
The UK government recognizes the increasing dependence of businesses and organizations on digital technologies, which are vulnerable to constantly evolving cyberattacks. To address this, it is investing £2.6 billion in the National Cyber Strategy to enhance and protect the UK’s online presence.
Central to this effort is promoting ‘cyber resilience’ – organizations’ ability to prepare for, respond to and recover from cyberattacks and security breaches. This resilience is fundamental to operational continuity, business growth and the overall health of the UK economy.
Evolving attack techniques signal an increased threat to businesses
Considering there were almost 9 million DDoS attacks globally in the second half of 2024, per NETSCOUT’s latest Threat Intelligence Report, the government’s greater focus on building cyber resilience is much needed. While the number of DDoS attacks across 2H2024 increased by more than 12 percent from the first half of the year, attacks are also more sophisticated than ever before.
For instance, application programming interfaces (APIs) paired with automation allows threat actors to carry out multitarget DDoS campaigns with minimal supervision, significantly increasing their attack efficiency.
Additionally, advanced techniques such as carpet-bombing, IPv6 abuse, internet service provider (ISP) masking and geo-spoofing expand attack reach for threat actors, allowing them to target victims regardless of their location, and bypass defenses.
The combination of increased frequency and sophistication of attacks increases the risk to businesses of being attacked. As has been seen from countless highly publicized incidents – such as the sophisticated cyberattack on Transport for London that disrupted services across the city in September – the devastation caused by DDoS attacks is significant.
When websites and business-critical applications are taken offline, the results are lost revenue, unhappy customers and irreparable damage to an organization’s brand. The threat is continuing to grow so it is more important than ever for ISPs and enterprises to fully protect their networks and other critical infrastructure. To achieve this, organizations must look for more efficient and effective DDoS defense systems.
Exploring threat actors’ changing motivations
At a global level, there has been a noticeable increase in sophisticated DDoS hacktivism. Hacktivist groups have showcased their advanced technical capabilities, launching politically motivated cyberattacks against governments, infrastructure, and organizations around the world.
For example, NoName057(16) is the dominant actor behind geopolitical DDoS campaigns, focusing its efforts on government websites in the UK, Belgium, and Spain. In the last few years, this activity has signaled the beginning of a new era of cyber threats.
Geopolitical events drove massive attack spikes in 2024, with DDoS attacks increasingly becoming a weapon for political unrest. Threat actors have exploited periods of national vulnerability to amplify chaos and undermine confidence in institutions. For instance, Israel experienced a 2,844 percent surge in February tied to the conflict in Gaza, and Georgia saw a 1,489 percent increase in April leading up to the “Russia bill”.
These examples highlight the extent to which DDoS has become a go-to tool in sociopolitical conflicts – being deployed during elections, protests, and policy disputes – and how public sector and enterprise defenses need a rethink. Since attackers use a variety of techniques, ranging from custom-built tools to surprisingly simple methods, the need for robust and adaptable security measures is greater than ever.
Defending against DDoS attacks
The threat posed by DDoS attacks is a serious concern for businesses. Despite the prevalence of these attacks, the dangers often go unnoticed, with malicious traffic frequently mistaken for legitimate activity. Clever hackers can leave organizations vulnerable, even if they believe their defenses are robust.
To mitigate DDoS attacks, organizations should focus on reducing or terminating harmful traffic as soon as it is detected. Increasing network capacity is also crucial, as it helps absorb malicious traffic and prevents systems from being overwhelmed. Additionally, completely blocking anonymous and remote systems can make targets inaccessible to attackers, adding an extra layer of protection.
By implementing these strategies, organizations can enhance their visibility and resilience against DDoS attacks, navigating the complex landscape of cybersecurity with greater confidence.
Staying ahead of emerging cyber threats
The importance of keeping up with cyber threats cannot be overstated. Businesses should have a powerful DDoS protection system in place and regularly assess their network infrastructure. Just as organizations regularly prepare for fire drills by testing their alarms, proactively reassessing and regularly enhancing security measures is essential to stay afloat in the ever-evolving cyber threat landscape. With the shifting nature of DDoS threats, it is imperative for businesses to stay ahead of the curve, or they risk the severe consequences that come with being the victim of a DDoS attack.
After all, the devastating impact of cyberattacks across sectors has been seen globally with too many instances to count. Therefore, organizations need to be aware of current threat trends and prioritize their defense strategies. With comprehensive visibility, actionable threat intelligence and the right security team in place, businesses can build the awareness and resilience needed to navigate today’s threat landscape effectively.
We’ve featured the best online cybersecurity course.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
