The deadly link between zero-day exploit and DDOS botnet attacks

The growing demand for connectivity and faster data transfer, along with new technology trends such as the Internet of Things (IoT) and artificial intelligence (AI), combined with the progressive rollout of the 5G network, is going to irreversibly reshape the pre-existing structure of cybersecurity at a global level.

It is true that the 5G network will bring new services, capabilities, technologies and regulatory requirements, but it will also bring new security threats and an increased attack surface. With the arrival of IoT, many different actors and devices with differing security standards will become involved in the transition, requiring superior attack resilience and faster response times to counter newly emerging types of threats.

The many new devices interconnected by the 5G network, which are going to reshape our way of life and our daily relationship with technology and smart objects, will also bring new risks and attack vectors. The tech industry will start to produce an exponentially growing number of smart devices to fulfil all of the customer's smart needs, but in this market race, price will be the key factor in winning the competition.

This scenario immediately highlights the problem of the zero-day exploit: a cyber-attack that occurs on the same day a weakness is discovered in software, so that there is no time to fix it or avoid it. Zero-day vulnerabilities can be exploited to launch massive botnet DDoS attacks, in which an attacker attempts to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic, usually coming from multiple infected devices.

A basic Denial of Service (DoS) attack consists of bombarding an IP address with large amounts of traffic. If the IP address points to a web server, the server may be overwhelmed: legitimate traffic heading for it will be unable to reach it, and the site becomes unavailable. The service is denied.

A Distributed Denial of Service (DDoS) attack is a special type of denial of service attack. The principle is the same, but the malicious traffic is generated from multiple sources, usually orchestrated from one central point. The fact that the traffic sources are distributed makes a DDoS attack much harder to block than one originating from a single IP address.
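The two paragraphs above contrast a single-source DoS with a distributed DDoS. The following Python script is an added example, not code from the original article, that shows why the distinction matters to a defender: it buckets constructed web-server log lines into ten-second windows, flags windows whose request rate exceeds a threshold, and separates floods dominated by one address from floods spread across many. The log format, the IP addresses, the thresholds and all function names are assumptions made for this illustration.

```python
import re
from collections import Counter, defaultdict

# Hypothetical log format assumed for this example: "<unix_second> <source_ip> <path>".
LOG_LINE = re.compile(r"^(?P<ts>\d+) (?P<src>\d{1,3}(?:\.\d{1,3}){3}) (?P<path>\S+)$")


def build_sample_log():
    """Constructed sample traffic (not real data) covering three 10-second windows:
    seconds 0-9   : normal browsing from five clients (~20 req/s)
    seconds 10-19 : single-source DoS, one host adds 500 req/s
    seconds 20-29 : distributed DDoS, 250 bots add 2 req/s each (also 500 req/s)
    """
    lines = []
    for ts in range(0, 30):
        # Background traffic from five legitimate clients in every window.
        for i in range(20):
            lines.append(f"{ts} 198.51.100.{i % 5 + 1} /page{i}")
        if 10 <= ts < 20:
            lines.extend(f"{ts} 203.0.113.9 /index.html" for _ in range(500))
        elif ts >= 20:
            for bot in range(250):
                lines.extend(f"{ts} 192.0.2.{bot + 1} /index.html" for _ in range(2))
    return lines


def parse_lines(lines):
    """Return (timestamp, source_ip) pairs, silently skipping malformed lines."""
    events = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m:
            events.append((int(m.group("ts")), m.group("src")))
    return events


def classify_windows(events, window_seconds=10, flood_rps=200, dominant_share=0.5):
    """Bucket events into fixed windows and label each one.

    A window is a flood when its request rate exceeds flood_rps. If one source
    accounts for at least dominant_share of the requests, it is a single-source
    flood that a per-IP block would stop; otherwise it is a distributed flood,
    where the busiest address may well be a legitimate client.
    """
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % window_seconds][src] += 1

    report = {}
    for start, counter in sorted(buckets.items()):
        total = sum(counter.values())
        rate = total / window_seconds
        top_src, top_n = counter.most_common(1)[0]
        share = top_n / total
        if rate < flood_rps:
            label = "normal"
        elif share >= dominant_share:
            label = "single-source flood"
        else:
            label = "distributed flood"
        report[start] = {
            "label": label,
            "requests_per_second": rate,
            "distinct_sources": len(counter),
            "top_source": top_src,
            "top_share": round(share, 3),
        }
    return report


if __name__ == "__main__":
    for start, info in classify_windows(parse_lines(build_sample_log())).items():
        print(f"window {start:>3}s: {info}")
```

In the distributed window the busiest address is one of the legitimate background clients, so a per-IP block keyed on the top talker would hurt a real user while leaving the flood untouched; that is the practical meaning of the text's remark that distributed sources are much harder to block than a single IP address.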

The biggest DDoS attack to date took place in February of 2018. This attack targeted GitHub, a popular online code management service used by millions of developers. At its peak, this attack saw incoming traffic at a rate of 1.3 terabytes per second (Tbps), sending packets at a rate of 126.9 million per second.

In response to this evolution of the cybersecurity threat landscape, manufacturers and the whole production and distribution chain need to put in place stronger security standards and controls, securing the patching process with automated processes and AI technologies. On the other hand, consumers need to be informed about the issues that may occur when using low-security devices, which can easily be infected and used against their own interests or those of a third party.