What Does 5G Mean for Global DDoS Vulnerability?
Your smartphone chimes as you step outside your front door on the way to work, notifying you of an incoming delivery. You put on smart-glasses and look up at buzzing drones. One detaches from the swarm and descends. It’s carrying your monthly razor subscription kit. An icon pops in your peripheral vision — you’ve been charged $10. Delivery received, a text below says. A security camera recognizes you in the yard and calls for your car. The garage door opens. The car drives itself up front to pick you up.
That’s the kind of world we may all live in soon, and it will be made possible by 5G.
The New Mobile Generation
5G is a new-generation mobile network that is forecast to replace 4G in the next 10 years or so. The latest evolution of a communication protocol that started with “1G” transmitting analog voice in the 1980s, 5G has the potential to revolutionize medicine, manufacturing, cloud computing, and autonomous vehicles. It’s a huge deal in communication and can bring that glittering Hollywood sci-fi vision of the future one step closer to reality.
5G is, in fact, so much of a leap over 4G, delivering up to 100 times more network capacity, that we can only imagine what kind of innovations it will facilitate. But one area that we know for certain it will supercharge is the Internet of Things (IoT).
As of early 2021, there are almost 9 billion active IoT devices. This number is expected to nearly triple by 2030, reaching almost 25.5 billion. That’s a lot of devices, most of them simple computers with a primitive chip and basic security. Moreover, by that time, each may be able to deliver peak data rates of up to 20 gigabytes per second, all thanks to 5G.
When it comes to potential innovation, that’s a tantalizing thought. But when it comes to DDoS security, it’s a frightening one.
The DDoS Threat
A Distributed Denial of Service (DDoS) attack is a form of cyber threat in which a hacker floods a network with computer-generated traffic, creating a kind of traffic jam. Because all available bandwidth is consumed by bot requests, the targeted resource is overloaded and appears unresponsive to users. The resource can’t function.
Cybersecurity experts detected 4.8 million DDoS attacks in the first half of 2020, a 15% increase from the same period in the year prior. Most experts agree that this upward trend will continue.
Meanwhile, attacks are getting ever more sophisticated. DDoS campaigns are used by threat actors in a variety of ways. APTs use DDoS as a diversion to pull attention from a simultaneous attack, usually one that aims to steal sensitive data or banking details. Some DDoS campaigns carry a ransom demand, and some are launched by business owners to handicap competitors.
The cost of launching a DDoS attack today starts from as low as $7 per minute, one study found. At the same time, the increasing availability of DDoS-as-a-service tools makes it easy to launch an attack, even for users who are not technically savvy. It’s as simple as signing up on a website, specifying the target URL, and clicking “start.”
This applies even to advanced DDoS attacks like UDP floods, SYN floods, or IP fragmentation. These attacks almost always use botnets — networks of infected devices that do the hacker’s bidding — to create a tsunami of traffic requests. These networks include PCs, smartphones, and Android tablets, but also — and increasingly commonly — IoT devices, which are often the easiest to compromise.
An Explosive Combo
It’s only a matter of time before IoT devices proliferate. Equally, 5G will replace the current network protocol in the coming years. The question is, will cybersecurity be ready?
A typical 4G upload speed in the real world hovers around 25 Mbps. For 5G, this same number may top 1 gigabit per second. What this means for DDoS and botnets is simple: Every infected device will have the potential capacity to generate at least 40x the amount of network requests it does today.
With a substantial chunk of the IT industry still unprotected from DDoS, the consequences can be dire, especially if we consider the applications of 5G. It is expected to be used in emergency communications, smart cities, and smart factories, where the Internet will play a vital role in manufacturing, medicine, communication and more.
Global DDoS threats that leverage 5G throughput can inflict great damage and increase global downtime. They can sabotage automated manufacturing processes by hindering latency-sensitive applications and cutting the connection to the cloud. Attacks targeting smart cities can interfere with critical components like traffic-control systems, endangering public safety.
The Protection
Conventional DDoS protection relies on scrubbing centers that receive, analyze and cleanse malicious traffic. So far, this strategy has been effective. But the attacks that are to come when 5G is widely deployed will make the current threats seem like ripples next to 25-meter waves.
A network of 100,000 infected devices will be capable of creating terabit-level attacks, and 100,000-unit strong botnets are no novelty even today.
Effective protection in the future will require a paradigm shift in the way we approach DDoS security. Protection coverage will need to include all traffic and connected devices, rather than only reaching high-value clients. Proactive and fully symmetric protection, together with DDoS filtering at the network perimeter, will need to be employed.
Recent advancements in router silicon allow the development of next-generation chips that are capable of terabit-level forwarding capacity and improved packet filtering. One strategy is to move away from the reliance on centralized scrubbing centers and instead create a distributed perimeter of next-generation routers that will pick up the network filtering functionality.
Advances in AI and Big Data analytics will enable us to reliably detect DDoS signatures or other traffic anomalies and program the routers with a corresponding filter to mitigate the attack, lifting some of the burden from scrubbing centers.
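As a minimal sketch of that detect-then-filter loop (an added example, not code from the article or from any router vendor), the Python below flags a destination whose packet rate jumps far above its own baseline and derives a filter for the dominant traffic signature. The flow-record layout, the thresholds, the rule format and the function names are all assumptions made for illustration, and a simple median baseline stands in for the AI and Big Data analytics the article anticipates.

```python
from collections import Counter, defaultdict
from statistics import median

def make_sample_flows(attack=True):
    """Constructed flow records: (second, src, dst, proto, dst_port, packets)."""
    victim = "203.0.113.10"  # RFC 5737 documentation address
    flows = []
    for sec in range(7):
        for i in range(4):  # steady legitimate HTTPS clients, 200 pkt/s total
            flows.append((sec, f"198.51.100.{i + 1}", victim, "tcp", 443, 50))
        if attack and sec >= 5:  # UDP flood from 200 bots in the last 2 seconds
            for i in range(200):
                flows.append((sec, f"192.0.2.{i + 1}", victim, "udp", 53, 500))
    return flows

def detect_and_filter(flows, factor=10, min_share=0.8):
    """Flag destinations whose per-second packet rate exceeds factor x their
    median rate, then emit a filter for the dominant (proto, port) signature.
    The median baseline assumes the flood covers under half of the window."""
    rate = defaultdict(Counter)                      # dst -> {sec: packets}
    sig = defaultdict(lambda: defaultdict(Counter))  # dst -> sec -> {(proto, port): packets}
    for sec, _src, dst, proto, port, pkts in flows:
        rate[dst][sec] += pkts
        sig[dst][sec][(proto, port)] += pkts
    rules = []
    for dst, per_sec in rate.items():
        baseline = median(per_sec.values())
        hot = [s for s, r in per_sec.items() if r > factor * baseline]
        if not hot:
            continue
        totals = Counter()
        for s in hot:
            totals.update(sig[dst][s])
        (proto, port), pkts = totals.most_common(1)[0]
        # Only filter when one signature dominates, to limit collateral damage.
        if pkts / sum(totals.values()) >= min_share:
            rules.append({"dst": dst, "proto": proto, "dst_port": port,
                          "action": "drop"})
    return rules

if __name__ == "__main__":
    for rule in detect_and_filter(make_sample_flows()):
        print(rule)  # router-agnostic rule; translate to the platform's ACL syntax
```

Because the rule is scoped to one destination and one protocol/port pair, the legitimate TCP/443 flows in the sample are untouched; a production system would also expire the rule once the rate returns to baseline.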
Shifting the cybersecurity landscape towards a new paradigm will take time and will likely meet some friction from business owners, especially in smaller companies, where significant budget is often allocated to cybersecurity only after an attack takes place.
The technology, however, is already here – as is the need for action.