SonicWall gave us some good news and some bad news in a recent report on the cybersecurity landscape in 2016. The good news: malware attacks are down slightly. The bad news, as anyone who manages websites or works in IT knows: ransomware is up massively and DDoS attacks leveraging the IoT are the year’s highlight.
The drop in malware attacks is positive, but it’s unlikely to make much difference to site owners or hosting providers. The biggest decline was in the retail industry, driven by the introduction of chip-and-PIN cards. If there is ever going to be a time for server admins to take it easy, it’s not now.
The prominence of general malware attacks is also likely to have declined because online criminals have moved to more lucrative ransomware attacks. In 2016, there were 167 times more ransomware attacks reported than in the previous year. Ransomware is attractive to online criminals because the payoff is direct and they almost never get caught.
Most ransomware attacks target Windows systems, but there’s a huge and largely untapped market of enterprise and small business servers running on Linux, so you can bet good money that some very smart criminals are putting their minds to developing more effective ransomware attacks against server operating systems than we’ve seen thus far.
The most salient detail in the report for server administrators is probably the rapid rise in DDoS attack volumes, largely powered by insecure Internet of Things devices. Over the last few years, the volume of data used in DDoS attacks has grown rapidly as attackers discover chinks in the internet’s armour that allow them to amplify the amount of data they can send.
The IoT issue is slightly different in that attackers are directly exploiting the devices that we’re all enthusiastic to bring into our homes and businesses. The Internet of Things — smart connected devices — isn’t going anywhere. In fact, we’re probably on the lower slopes of a peak that will see many millions more IoT devices deployed.
Makers of IoT devices are giving criminals a gift: insecure devices, often with default credentials, connected to the internet. Once those devices are in the wild, there’s almost no chance they’ll be updated and made secure. There’s now a thriving economy of DDoS providers, who rent out networks of compromised webcams and home automation equipment to anyone with the money to pay.
The DDoS problem is only going to get worse over the next few years, and it’s something server admins, website owners, and hosting providers will be struggling with for the foreseeable future.