DDoS, Not Ransomware, Is Top Business Concern for Edge Networks – Source: www.darkreading.com

Distributed denial-of-service (DDoS) is the attack method businesses are most concerned about, believing it will have the largest impact on the business.

That was among the chief findings of AT&T’s “2023 Cybersecurity Insights Report,” based on a survey of 1,418 participants. Theresa Lanowitz, head of cybersecurity evangelism at AT&T Business, calls the perceived risk and rise in concern for DDoS attacks surprising.

“With edge, the attack surface is changing, and taking down a large number of Internet of things (IoT) devices can have significant impact on the business,” she says. “The near real-time data created and consumed by most edge use cases make DDoS attacks attractive. By its definition, a DDoS attack will degrade a network and response time.”

She adds, “Those who have not invested in DDoS protection are indicating the timing is right to do so.”

The study also found ransomware dropped to eighth place out of eight in perceived likelihood of attack type. Yet Lanowitz notes that over the past 24 months, organizations of all types and sizes have invested in ransomware prevention.

“However, ransomware criminals and their attacks are relentless,” she cautions. 

Additional analysis suggests cyber-adversaries may be cycling with the rise and fall of different types of attacks.

“Operating systems embedded in edge IoT devices make it more expensive for a financially motivated adversary to target the device with ransomware,” Lanowitz says. “It is far more time intensive to write and deploy destructive code for an IoT device running a derivative of a version of Linux than to target a Windows-based laptop.”

She explains one of the most pleasantly surprising findings in the report is how organizations are investing in security for edge: Security budgets have become 22% of overall project budgets, equally distributed with strategy.

“We asked survey participants how they were allocating their budgets for the primary edge use cases,” she says. “The results show that security is clearly an integral part of edge, and that security is being planned for proactively.”

She points to survey results that indicate applications, and the much-needed security for ephemeral edge applications, are part of the broader plan for edge project budgets.

“The expected outcome of what the edge delivers is shifting how organizations budget, plan, and think about focusing on a digital-first business,” Lanowitz adds.

Another surprising result from the survey is that globally, the likelihood of a compromise and impact to the business decreased by 28% and 26%, respectively.

“Perhaps this is a case of irrational exuberance, but our qualitative analysis proves that with the edge there is far more communication and collaboration,” she says. “Communication, cross-functional work, the line of business leading edge investments, and the use of trusted advisors all play a role in more optimism regarding catastrophic security events.”

She adds this also points to the eradication of silos in organization and the reality that teams need to work together.

“Edge computing, with its changing attack surface means the adversaries are seeing things differently,” Lanowitz says. “Likewise, businesses must take that same view of an expanded attack surface, potential new threats, or potential increases in existing threats.”

DDoS Threat Persists as International Crackdowns Commence

The report comes as DDoS attacks continue to make headlines, from German websites getting knocked offline temporarily by the Killnet DDoS to the Serbian government reporting that it staved off five attacks aimed at crippling Serbian infrastructure.

More recently, the pro-Russian hacktivist group KillNet, which launches its campaigns against countries supporting Ukraine, ramped up its daily DDoS attacks against healthcare organizations.

In November 2022, nearly 50 of the most popular platforms available for hire to launch distributed DDoS attacks against critical Internet infrastructure were shut down and their operators arrested in a massive international law enforcement crackdown called Operation Power Off.