Government Sector is Top Targeted Industry for DDoS Attacks in Q4 2023

Rhea-AI Summary

Lumen Technologies (NYSE: LUMN) released its Quarterly DDoS & Application Threat Report for Q4 2023, revealing a surge of DDoS attacks in the government sector. The report also highlights the increasing use of AI in cyberattacks and defense, with one government customer accounting for 1,759 attacks in Q4. Lumen's largest DDoS attack of 2023 reached a peak of 903 Gbps and targeted a telecom customer. The report also focuses on the rise of AI-driven attacks and the importance of application security in defending against cyber threats.

Cybersecurity Expert

The surge in Distributed Denial of Service (DDoS) attacks, particularly against the government sector, represents a significant threat to national security and public sector operations. With a 4,025% year-over-year increase, the scale of the problem is not just a technical issue but a strategic concern. Cybersecurity measures must evolve to counteract the sophistication and persistence of these attacks. The utilization of artificial intelligence (AI) by both attackers and defenders signifies a new era in cyber warfare, where the pace and complexity of attacks are intensified by AI capabilities. Defenders are compelled to leverage AI for predictive analytics and real-time response to maintain a robust defense against these threats.

For businesses, the implications are profound. The reliance on digital infrastructure makes DDoS attacks a business continuity issue. Organizations must invest in comprehensive cybersecurity solutions that include DDoS mitigation, such as Lumen's DDoS Hyper and application-layer defenses like Web Application Firewalls. The focus should be on not only protecting sensitive data but also ensuring the availability of services, which is critical for maintaining customer trust and operational integrity.

Network Security Analyst

The reported increase in attacks on the government sector and the record-breaking 903 Gbps attack on a telecom customer underscore the escalating scale and potency of cyber threats. The telecom sector's vulnerability is particularly concerning given its role as the backbone for other industries' communications. This interdependency amplifies the potential impact of such attacks, making the telecom sector's security a priority for the broader economic and operational stability.

Additionally, the rise in application-layer attacks, with a 37% block rate of traffic from web bots, indicates a trend towards more sophisticated attempts to compromise data integrity and access sensitive information. Organizations must adopt a layered security approach, integrating both network- and application-layer protections to safeguard against multifaceted threats. Continuous monitoring and adaptive defenses are crucial in this dynamic threat landscape.

AI Technology Analyst

The dual use of AI in cybersecurity presents a challenging dynamic for businesses. Attackers are increasingly exploiting AI for malicious purposes, leveraging it to enhance the scale, speed and stealth of attacks. The potential for AI-driven attacks using IoT devices at the network edge is particularly concerning due to the vast number of such devices and their often-lax security protocols.

Conversely, AI's role in defense is equally critical, enabling more sophisticated threat detection and response mechanisms. The evolution of AI models using data analytics from edge devices can significantly improve the ability to predict and thwart attacks. Businesses must stay abreast of advancements in AI to ensure their cybersecurity measures are not rendered obsolete by AI-enhanced threats. This includes investing in AI-driven security solutions that can match the evolving tactics of cyber adversaries.

Lumen Quarterly DDoS & Application Threat Report reveals the latest trends and insights on cyberattacks and AI threats

DENVER, Feb. 8, 2024 /PRNewswire/ -- The government sector experienced a surge of DDoS attacks in Q4 according to Lumen Technologies (NYSE: LUMN), a global leader in integrated network and cybersecurity solutions. The Lumen Quarterly DDoS & Application Threat Report for Q4 2023 analyzes data from its DDoS mitigation platform and application protection partner, ThreatX, to provide an overview of the DDoS and application-layer attacks that targeted organizations in the last quarter of 2023.

According to the report, the government sector was hit hard:

• 66% of the 1,000 largest attacks Lumen mitigated were targeting the government.
• Government attacks increased 163% from Q3 and a staggering 4,025% year over year.
• One government customer accounted for 1,759 attacks of the 1,953 government attacks in Q4, showing a persistent and focused campaign by cybercriminals.

"The government sector holds extremely sensitive data, so you can understand why it is a prime target for cyberattacks," said Sharada Achanta, Lumen VP of Product, Cybersecurity and AI. "Espionage, extortion, and disruptions are the reasons behind these attacks, and the attackers are not deterred by the increased security measures. The good news is that Lumen, through our Black Lotus Labs threat intelligence, can stop the attacks that cross our network before they become destructive. Lumen's threat intelligence and DDoS mitigation, powered by AI and machine learning, offer customers a distinctive and comprehensive cybersecurity solution."

Lumen's report also reveals that its largest DDoS attack of 2023 happened in Q4, reaching a peak of 903 Gbps. This attack targeted a telecom customer, which is part of a trend of telecom being a frequent target of attacks because it carries traffic for all other industries.

The Two Sides of AI
Artificial intelligence (AI) is a double-edged sword for cybersecurity, as attackers and defenders use it to enhance their skills. Attackers use AI to hide, automate, and craft sophisticated attacks, while defenders, like Black Lotus Labs, use AI to monitor, detect, predict, and respond to threats.

One growing concern in the AI space is how it might leverage devices on the network edge. Those include IoT devices, smartphones, and laptops.

• AI at the edge could increase the potential for AI-driven attacks, such as DDoS attacks using compromised IoT devices, or deepfake attacks using manipulated audio and video.
• AI can enable attacks that are faster, smarter, and more powerful, such as self-learning malware, botnets that adjust to defenses, and targeted social engineering.

AI can also be a powerful tool for defenders of the network.

• By using more analytics from edge devices, defenders can improve AI models for detection, prediction, and response.
• AI at the edge can boost the defense capabilities by giving more data and insights from edge devices and allowing quicker and more customized responses.

Application Threats on the Rise
The report shows that applications owned by ThreatX customers received more than 84 billion requests in Q4, with 1.7 billion of those blocked in real time. Almost 37% of the blocked traffic was from web bots. The attackers tried to access confidential information, change the structure of the websites, and steal passwords.

"Cyber miscreants span a broad spectrum, from activists to criminals to nation-state sponsored cyberwarfare groups. But DDoS remains a common link between all these groups, as the ability to disrupt the digital experience is a crude but effective cudgel against any modern business," said IDC Cybersecurity research director Chris Rodriguez. "With the security implications of GenAI only just now being explored, the most prudent way to prepare for the unpredictable is to focus on security basics, including a robust DDoS detection and response strategy."

"Application security is a critical component of any organization's cybersecurity strategy," said Achanta. "Attackers are after that critical data, constantly probing and testing applications for vulnerabilities and weaknesses using a variety of techniques and tools. Organizations need to have comprehensive and tailored protection against network- and application-layer attacks."

Protecting Businesses from DDoS Attacks
Although people believe identifying a DDoS attack is simple, tactics are becoming more complex and discreet. Businesses need to protect themselves.

• If a company uses applications to interact with customers, employees, or other stakeholders, they need holistic protection against network- and application-layer attacks. This will keep critical business functions up and running—even if they are under an active attack.
• Businesses should consider deploying additional application-layer defenses using Web Application Firewalls, API protections and Bot Risk Management solutions, and pair those with application acceleration solutions to make applications more responsive for their customers.
• Having DDoS mitigation in place, such as Lumen® DDoS Hyper® can prevent attackers from successfully launching large campaigns against an organization.
• This guide can help businesses find out if they're under an active DDoS attack.

Additional Information:

• For more insights and recommendations on how organizations can improve their security posture and defend against cyberattacks, read the full report here.
• Lumen has one of the largest DDoS mitigation deployments in the industry, backed by 170 Tbps of network-based mitigation capacity in more than 500 multi-tiered scrubbing locations.
• Learn more about Lumen DDoS Mitigation Services: DDoS Mitigation | Web Application Security | Lumen
• Learn more about Lumen application protection services: Web Application Firewall | Lumen
• Read how Lumen DDoS protection backed Texas Rangers' World Series triumph: Texas Rangers' World Series triumph backed by Lumen DDoS protection - Nov 27, 2023

About Lumen Technologies:
Lumen connects the world. We are igniting business growth by connecting people, data, and applications – quickly, securely, and effortlessly. Everything we do at Lumen takes advantage of our network strength. From metro connectivity to long-haul data transport to our edge cloud, security, and managed service capabilities, we meet our customers' needs today and as they build for tomorrow. For news and insights visit news.lumen.com, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies. Lumen and Lumen Technologies are registered trademarks of Lumen Technologies LLC in the United States. Lumen Technologies LLC is a wholly owned affiliate of Lumen Technologies, Inc.

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/government-sector-is-top-targeted-industry-for-ddos-attacks-in-q4-2023-302057142.html

SOURCE Lumen Technologies

FAQ

What is the content of Lumen Technologies' Quarterly DDoS & Application Threat Report for Q4 2023?

The report reveals a surge of DDoS attacks in the government sector and the increasing use of AI in cyberattacks and defense.

What is the ticker symbol for Lumen Technologies?

The ticker symbol for Lumen Technologies is LUMN.

What was the largest DDoS attack of 2023 according to the report?

The largest DDoS attack of 2023 reached a peak of 903 Gbps and targeted a telecom customer.

What is the significance of AI in cybersecurity according to the report?

The report highlights the increasing use of AI in cyberattacks and defense, with one government customer accounting for 1,759 attacks in Q4.

What are the key insights about application security from the report?

The report emphasizes the importance of application security in defending against cyber threats and highlights the rise of AI-driven attacks.