DDoS attacks and mobile fraud are surging in 2018

DDoS attack

Two separate reports have highlighted the mounting threat of DDoS and mobile fraud attacks, demonstrating the shifting security landscape and the need for businesses to adapt their security policies.

Corero Network Security's DDoS report revealed attacks were up 40% year-on-year, with 77% of them lasting ten minutes or less and 63% less than five minutes. Companies that have experienced an attack have a one in five chance of finding themselves under siege less than 24 hours after the first.

The most common type of DDoS attack on organisations is low volume strikes, with 4% less than 5Gbps. However, the number of high-volume attacks (over 10Gbps) have more than doubled over the last year, suggesting they will rise in intensity in the coming period.

"Organisations are dependent on the Internet as a means to conduct business and deliver consumer/citizen services," Corero's CEO Ashley Stephenson said. "Any event that affects this ability to function will have a significant impact on that business.

"With Internet resilience coming down to a fraction of a second, it's easy to see why DDoS attacks are considered one of the most serious threats to Internet availability today resulting in damage to a brand's reputation, customer trust and revenue."

ThreatMetrix's investigation into mobile threats revealed that mobile attacks in the US have risen by 44% year-on-year (24% worldwide), as criminals take advantage of mobile usage to complete digital transactions such as mobile banking and purchasing. Additionally, it noted that because 85% of social media and dating site activity happens on mobile, these are becoming targets for hackers.

Now, a third of all fraud-related activities originate from mobile devices, which although highlights the need for mobile security, suggests desktop is still the less secure platform.

Device spoofing is the biggest threat to financial services, while mule networks and bot attacks are on the rise. ThreatMetrix explained large retailers are the biggest targets as criminals attempt to break into user accounts and steal payment information.

"Mobile is quickly becoming the predominant way people access online goods and services, and as a result, organisations need to anticipate that the barrage of mobile attacks will only increase," said Alisdair Faulkner, Chief Identity Officer at ThreatMetrix.

"The good news is that as mobile usage continues to increase, so too does overall customer recognition rates, as mobile apps offer a wealth of techniques to authenticate returning customers with a very high degree of accuracy."

He added that the key vulnerability in the mobile atmosphere is during the app registration and account creation step. To prevent criminals from breaking into the system using this security hole, businesses must use global intelligence that can uncover their true digital identity, with information compiled from the various places customer information is available on.

Clare Hopping
Freelance writer

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.

Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.

As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.