Thanks to government initiatives and rapidly evolving business trends, Malaysian organisations have been digitising at breakneck speeds. This means that consumer-grade cyber defence mechanisms are now not sufficient to safeguard their ever-growing digital footprints.
“As businesses are handling growing volumes of customer personal and financial data, and given the rising threat landscape, it’s no longer just the simple risk of a small financial loss. There is simply too much at stake,” said Alvin Chan, Country Manager of NSFOCUS Technologies Malaysia (pic above).
NSFOCUS is an iconic internet and application security company with over 21 years of proven industry experience. The company is world renowned as being an industry leader in network and cybersecurity solutions, having been recognised by the likes of Gartner, Forrester, and Frost & Sullivan.
The company also recently released its 2020 DDoS Attack Landscape Report. The report reveals a slightly declining number of Distributed Denial-of-Service (DDoS) attacks in 2019, likely due to improving cybersecurity protection capabilities.
Despite this reduction, the report noted that DDoS attacks increased in intensity during the COVID-19 pandemic. Sectors that saw higher focus included healthcare, government, and education.
Number and Volume of DDoS Decline in 2020
Over 2020, NSFOCUS detected 152,000 DDoS attacks with a combined volume of 386,500TB. These numbers represent a Year-on-Year (YoY) decrease of 16.16 and 19.67 respectively.
While increasing cyber defense capabilities may have led to this reduction, a pivotal shift in trend may still be cause for alarm. Notably, mobile and IoT technologies’ adoption increase along with pending rollouts of 5G Networks.
New Threat Vector: 5G
Between 2016 to 2020, the volume of DDoS attacks over 5G globally has increased, particularly in the small to medium-sized space. These reached peak volumes of nearly 80GB in mid-2018 before slowing up till early 2020. The start of the Covid-19 pandemic saw attacks steadily resume over the year.
Among these attacks, the majority hovered in volume between 5 – 50 Gbps, accounting for 53.07% of the total. This volume is in-line with broader bandwidth allowed for by 5G networks.
“With Malaysia embracing 5G as the a result of the government’s MyDIGITAL initiative, local organisations should be mindful of such threats – and put in place the necessary defences before they occur,” said Alvin.
DDoS Defences Must Continue to Evolve
Aside from newer technologies, newly discovered network vulnerabilities also pose an increased threat. One such example is the NXNSAttack DNS server vulnerability discovered in May 2020. Attackers taking advantage of this vulnerability are able to exploit recursive resolvers on nameservers to pass requests on to malicious servers.
Other newer attack findings include:
● RangeAMP attacks which exploit specific HTTP header fields
● Potentially more devastating HTTP 2.0 and CC 2.0 Attacks
As networks and protocols gain deeper complexity, more development in research and mitigation skills and technology will be required for better defence policies.
NSFOCUS Research stresses the need to leverage big data and artificial intelligence technologies to improve the development of cyberdefense technologies. Only then will the necessary defences be more readily available to mitigate potential business damage.
“NSFOCUS delivers a holistic suite of security products that work in concert to protect organisations from the biggest cyber threats such as ever increasing DDoS attacks, advanced persistent threats (APTs) from threat actors around the world, and 0-day ransomware infestations,” said Alvin.
“Because NSFOCUS products are powered by industry leading threat intelligence, organisations are now fully enabled to leverage the promise of cloud computing,” he further said, adding that its business partners are also better empowered to provide better security as a service in a smart and simple way.
Its cybersecurity value proposition comprises:
· On-Premises DDoS Defenses which enable service providers defeat attacks impacting their customers, using NSFOCUS On-Premises Defences
· Hybrid DDoS Defenses which combines On-Premises defences with Cloud Defences, while enabling providers to deliver Managed DDoS Services with a multi-tenant Platform that produces the lowest operating costs in the industry.
· NSFOCUS Threat Intelligence (NTI) Subscription Service provides you with actionable intelligence that minimizes your risk and improves your overall security posture, with improved visibility into North Asia threat landscape including countries like Vietnam, China, and Korea (up to 40% of the world’s hacking activity originates from North Asia).
· NSFOCUS Web Vulnerability Scanning System (WVSS) to help ensure enterprises are equipped with the most comprehensive application-layer protection against web attacks. protects websites by identifying vulnerabilities in web applications that can be exploited by hackers. Following identification, it provides the NSFOCUS WAF (Web Application Firewall) with actionable analysis and reporting, including a remediation plan to improve the overall security of the website.
· The NSFOCUS Web Application Firewall (WAF) uses next generation technologies to provide comprehensive application layer security, eliminating these problems and completely protecting your critical web applications. With full out-of-the-box protection against the OWASP Top Ten, the WAF is specifically engineered to protect not just web applications, but their underlying infrastructure, plug-ins, protocols, and more.
· The NSFOCUS Next-Generation Intrusion Prevention System (NGIPS) provides comprehensive threat protection that blocks intrusions, prevents breaches, and safeguards your valuable assets.
“Today, we are operating globally with 2000+ employees at two headquarters in Beijing, China and 40+ offices worldwide including the IBD HQ in Santa Clara, CA, USA,” said Alvin.
Tim Tsung, APAC Managing Director of NSFOCUS Technologies Group also added, “ Judging from the 2020 Global Cybersecurity Index issued by the International Telecommunication Union (ITU), Malaysia ranked No. 2 in terms of legislation, technology, cooperation, organization matching and market space in the Asia Pacific region.”
“We very much respect the forward-looking nature of the Malaysian government and enterprises in the field of cybersecurity. As a responsible cybersecurity solution provider in the international community, NSFOCUS is confident to help the Malaysian government and enterprises protect their cyber assets.”
To access the complete NSFOCUS 2020 DDoS Attack Landscape Report click here.
