20 Years of DDoS – a Brief Look at the Past and what the Future will Bring


The next few days will mark the anniversary of the first known case of a cyberattack method that continues to keep companies of all sizes and industries on their toes. On July 22, 1999, a computer at the University of Minnesota in the USA was attacked by a network of 114 other computers running Trin00, a program that was later used time and again to launch DDoS attacks. The malicious code on the affected computers caused them to bombard the research institution’s network with data packets. This in turn overloaded the university’s computers, and legitimate requests could no longer be processed. The university’s system was down for two days. This incident in the United States was the first Distributed Denial of Service (DDoS) attack.

Twenty years later, this type of attack is feared by companies more than ever, as it causes massive financial losses while damaging a company’s reputation like hardly any other attack can. In a 2017 report, the Federal Criminal Police Office (BKA) stated that DDoS attacks are now the most frequently observed security incidents in cyberspace. Such high-bandwidth “overload attacks” often cost companies millions. This is not surprising considering that in their 2019 Cost of Cybercrime study, Accenture put the costs incurred in connection with cybercrime at around $13 million on average.

DDoS attacks are far more devastating for businesses today than they were a few years ago. This is mainly due to the advent of the Internet of Things (IoT). Despite all of the advantages that the IoT brings with it, from development through to the networked economy, inadequately secured IoT devices ultimately enable cybercriminals to set up large botnets even more effectively and quickly in order to launch an attack. And this trend will continue to rise over the next few years. According to an IHS study, by 2025 there will already be as many as 75.4 billion IoT devices. This means there would be 10 times more IoT devices than people, and these devices can easily be misused by criminals for cyberattacks due to their inadequate protection. What’s more, there is an increasing risk from server capacities that cybercriminals rent with the help of stolen credit card data and then use for cyberattacks. The emergence of the 5G mobile communications standard is also likely to lead to attacks with even higher bandwidths in the future, primarily due to the increased data transmission rates. And these have already reached destructive heights: In March last year, the biggest known DDoS attack was carried out on an American online service – at its peak it reached 1.7 terabits per second. Companies have no choice – they must participate in Industry 4.0 if they want to survive in the digital age. Unfortunately, however, they expose themselves to an enormous risk if basic safety measures are not taken.

Despite the destructive power of modern DDoS attacks, it should also be noted that companies are no longer helplessly at the mercy of these attacks. With modern protection solutions, the risks can be averted effectively so that downtime is prevented. AI-based and automated solutions in particular, which are not dependent on the human factor for defense, have proven themselves here. And the reasons are quite obvious: More and more cybercriminals are making use of this technology themselves and are managing to launch automated attacks against which only solutions that work in real time have a chance. Static, rule-based attack tactics are a thing of the past. It is therefore obvious that defense strategies must also adapt to the new “intelligence” of the attacks. The future belongs to solutions that make use of machine learning and permanently analyze data streams, establish a (data) communication profile for the company and derive adaptive security strategies. If companies adapt their defenses in line with the ongoing, tense threat situation and keep pace with current cybercriminal developments, massive business and reputation losses can be prevented.