Telecoms - Beware Of The DDoS Threat Actor

Uploaded on 2024-05-31 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Recently, the number of internet users has skyrocketed, reaching 5.44 billion people. That means more than two-thirds of the world’s population is now connected through the worldwide web. However, with this comes growing concern around the threat of large-scale cyberattacks - and we are already seeing an upward trend in the number of distributed denial-of-service (DDoS) attacks being launched.

In the second half of 2023, NETSCOUT observed over 7 million DDoS attacks, representing a 15 percent increase on the first half of the year. Across 2023, NETSCOUT's findings revealed that a total of 13,141,562 DDoS attacks were launched globally. 

These attacks are driven by an increasing number of sophisticated threat actors who are continually adapting their methods and discovering new attack vectors. They can have significant and costly impacts on organisations across various industries, like telecommunications.

Targeting The Telecommunications Sector

Looking again at the last six months of 2023, wired telecommunications carriers throughout EMEA experienced a wave of DDoS attacks, with over 650,000 taking place, marking an eight percent increase on the first half of 2023. In fact, wired and wireless telecoms providers were the two most targeted industries throughout the year across EMEA. 

DDoS attacks pose a major threat to telcos due to the damage they can cause. An attack can incapacitate users, preventing access to essential online services, websites and business-critical applications by forcefully taking them offline. This impacts not only operational capabilities but also damages the organisation's reputation.

Telecoms providers play a critical role in facilitating global connectivity, making them an attractive target for cybercriminals.

When attackers target telcos, there is a chain reaction through the ecosystem, potentially disrupting internet access for millions of customers and severely hampering business operations. The extensive customer base of these providers also makes them a prime target for cybercrime.

Why DDoS Attacks Against This Industry Are Rapidly Increasing 

The number of attacks against wireless providers has increased in tandem with the number of commercial 5G networks being deployed globally. According to Statista, the number of 5G mobile subscribers and devices, which stood at 12.6 million in 2019, is projected to reach 5.9 billion by 2027.  

A significant driver behind this increase is the transition of many users from traditional broadband access to 5G fixed wireless access, with gamers leading the charge.

In fact, most cases of DDoS attacks against service provider networks can be traced back to gaming-related activities, which contributes to the overall increase in DDoS activity across the sector. The growth of 5G wireless connectivity and the number of users choosing 5G as their primary network has also expanded the DDoS attack surface.

Since the end of 2019, there has been a marked rise in DNS query floods designed to overwhelm authoritative DNS servers, with a massive 553 percent increase from 1H2020 to 2H2023. This attack method involves threat actors bombarding the domain name system (DNS) servers with requests, aiming to overwhelm them and trigger a denial of service. Once again, the most targeted industries were wired and wireless telcos, with bad actors deploying increasingly advanced and diverse attacks.

How Can Service Providers Protect Themselves?

Investing in threat intelligence is critical, as it enables providers to spot trends and focus on the most vulnerable attack vectors. Organisations in the sector, or any sector for that matter, should also conduct regular scenario-based training exercises which simulate DDoS attacks to assess the strength of their defences in real time. 

Visibility into network activities is fundamental to combating DDoS threats. By detecting the early indicators of an attack, telcos can better predict and prevent attacks. This intelligence can enable security professionals to limit attack options for threat actors and force them to take a singular approach. Doing so will reduce their potential to exploit vulnerabilities and cause widespread damage.

The threat landscape is constantly evolving, with the volume and complexity of DDoS attacks increasing at pace. This creates unprecedented challenges for telecoms providers, as they are key targets for cybercriminals. As such, all organisations across the industry should take proactive steps now to defend their online infrastructure from current and future threats.

Image: sasha85ru

Richard Hummel is Threat Intelligence lead for NETSCOUT

You Might Also Read: 

Conflict Drives A Significant Increase In DDoS Attacks:

DIRECTORY OF SUPPLIERS - DDoS Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« The Key Components Of Embedded Systems Development Services
Online Fraud - Police Agencies Recover Stolen $Millions »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Endace

Endace

Endace is a leader in network visibility, network recording and packet capture solutions for security, network and application performance monitoring.

General Dynamics Information Technology (GDIT)

General Dynamics Information Technology (GDIT)

General Dynamics IT delivers cyber security services to defend critical information and infrastructure.

Data Security Council of India (DSCI)

Data Security Council of India (DSCI)

DSCI is a premier industry body on cyber security and data protection in India, committed to making the cyberspace safe, secure and trusted.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

VaultOne

VaultOne

VaultOne is a next-generation security solution that addresses security issues from different domains (Password Manager, Secure Access, PAM, Identity Management) as a single, integrated solution.

Tecnalia Research & Innovation

Tecnalia Research & Innovation

Tecnalia is the largest center of applied research and technological development in Spain, a benchmark in Europe and a member of the Basque Research and Technology Alliance.

Com Olho

Com Olho

Com Olho provides the measurement, analytics, quality assurance, and fraud protection technologies brands need for their business and customers.

Seccuri

Seccuri

Seccuri is a unique global cybersecurity talent tech platform. Use our specialized AI algorithm to grow and improve the cybersecurity workforce.

Bugv

Bugv

Bugv is a crowdsourcing cybersecurity platform powered by human intelligence where we connect businesses with cyber security experts, ethical hackers, bug bounty hunters from all around the world.

Information Systems Security Association (ISSA)

Information Systems Security Association (ISSA)

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

SecurEyes

SecurEyes

SecurEyes is a leading cybersecurity firm that provides specialised services, including cybersecurity assessments, managed services, and governance risk and compliance services.

CyberFOX

CyberFOX

CyberFOX is a global cybersecurity solutions provider focused on identity access management (IAM) for managed service providers (MSPs) and IT professionals.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

FTI Consulting

FTI Consulting

FTI Consulting is a global business advisory firm dedicated to helping organizations manage change, mitigate risk and resolve disputes.

SecureDApp

SecureDApp

SecureDApp is a blockchain security company that specialises in offering comprehensive security solutions to companies operating in the web3 space.

BeamSec

BeamSec

BeamSec is a cybersecurity solutions provider committed to addressing the human element of risk against the evolving landscape of email-based cyber threats.