How AI and IoT are Supercharging the DDoS Threat

IoT devices such as smart watches, smart home thermometers, appliances, and more represent millions and millions of devices being added to the internet. Often these devices have poor security making them targets for botnet attacks and thus, DDoS attacks are up. DDoS attacks do grow as the internet expands and grows but the relationship is not linear. Instead, the real reason for the surge in DDoS attacks are botnet for hire services and lower sophistication required to carry out cyberattacks, largely due to AI. However, the number of high value targets such as banks, governments, and critical infrastructure has not grown as much resulting in an imbalance between attackers and the ways they can attack and the targets they are attacking. This means more frequent and complex attacks on important services increasing the likelihood of a extremely disruptive attack. AI is being used to automate reconnaissance, optimize the efficiency of botnets, avoid detection by changing attack patterns, and using GANs to generate traffic that mimics normal behaviors. All of these reasons are improving DDoS attacks. Organizations do employ DDoS attack protection but they are often down which means that the protection is not useful. In order to mitigate the DDoS attack risk, organizations should be running DDoS attack simulations to see where security needs to be improved. Most organizations have the defenses they need to be effective and protect but they are not being deployed in the correct fashion. Often organizations fall back on standard protections such as rate limiting and static filters which disrupt normal network traffic more than they assist in protecting attacks when the more advanced DDoS protections they have could be deployed to actually prevent attacks.