Combating the Threat to 5G Services: Empowering Next Generation Smart Devices

Adrian Taylor

Adrian Taylor

For the telecoms industry, 2019 is the year of 5G writes Adrian Taylor. Service providers are in a race to roll-out 5G services that will empower the next generation of smart devices and the Internet of Things (IoT). With its massive increase in bandwidth speeds, ultra-low latency and dramatic expansion in geographic coverage, 5G is destined to bring with it vast opportunities, subsequently driving a plethora of new IoT use cases and exponential growth in connected devices.

While all of this sounds great, every opportunity brings threats and, notably in this case, cyber security risks. For example, as more powerful smart devices come online, the networks hosting these devices will have a larger attack surface which makes them bigger targets for malware, security breaches and, of course, DDoS attacks. It also increases the opportunity for those devices to be harnessed for the purposes of launching damaging DDoS attacks against other targets.

Only last month, we released a report which highlights key observations surrounding the growth in DDoS ‘weaponisation’ from last year. Some of the key points made are well worth noting:

Amplified weapons

Attackers leverage vulnerabilities in the User Datagram Protocol to spoof the target’s IP address and exploit the vulnerabilities in the servers that initiates a reflected response. This strategy amplifies attacks by producing service responses that are much larger than the initial requests.

DDoS Botnet weapons

Attackers are leveraging malware-infected computers, servers and, increasingly, IoT devices that are under the control of a bot herder, typically from a DDoS-for-Hire service. The resulting botnet is used to initiate stateful and stateless volumetric network and application attacks.

Top sources of weaponry

While the nature of DDoS attacks is distributed, data has highlighted that DDoS weapons with a high level of concentration come from Internet-connected populations that are the most dense. China specifically highlighted 4,374,660 followed by the USA at 3,010,039. The report also shows that there’s a growing trend towards DDoS weapons being hosted in the cloud. This is attributed to the influx of mobile devices and the growing adoption of the cloud. This has changed the way in which networks and applications are delivered. Weapons are now evolving alongside the new technology trend.

These top line observations highlight the challenge for the modern enterprise. The focus of an enterprise’s DDoS defence should always be on the users. After all, they drive the business and, when access to critical services is down, employees opt to go home or use unsecured methods. Enterprises need comprehensive, cost-effective defences to ensure services are available and users are protected. This is where the adoption of a resilient and sophisticated two-pronged DDoS defence alongside a threat intelligence solution is the most effective for complete attack coverage.

Cloud with on-premise solution

A two-pronged defence approach offers help for the most demanding pf network environments. Previously, industry conversations surrounded cloud versus on-premise solutions, but enterprises need to have a solution that offers both. Cloud scrubbing is an important part of enterprise defence when attack volume grows beyond the capacity of a business’ Internet coverage, but cloud-only scrubbing has limitations due to how it works.

Enterprises need to complement this solution with an on-premise solution that mitigates all classes of DDoS attacks. This includes fast detection and mitigates intervals down to 100 ms. On-premise defence solutions allow attacks that are undetectable by cloud scrubbing to be blocked, such as low and slow application attacks.

Threat intelligence

Sophisticated DDoS threat intelligence combined with real-time threat detection and automated signature extraction will allow businesses to defend against the most massive of multi-vector attacks. Actionable DDoS threat intelligence enables a proactive approach to DDoS defences by creating blacklists based on current and accurate feeds of IP addresses of DDoS botnets and vulnerable servers commonly used in these types of attacks.

For defence

In the next few years as 5G networks become operational, we will see the size of attacks grow substantially. Enterprises need to look beyond the traditional security methods. We see the cloud and distributed nature of DDoS attacks creating the opportunities for enterprises to take a proactive approach by focusing on key tactical solutions to enable better protection.

This is where a solution that encompasses a varied approach such as threat intelligence, cloud and an on-premise solution will help enterprises combat the upcoming threat that comes with the opportunity of next generation 5G.

Adrian Taylor is Regional Vice-President of Sales at A10 Networks

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts