Akamai, Limelight Networks, EdgeCast, Level 3, CloudFlare, Incapsula, Zenedge, SiteLock, F5 Networks, Radware, Verisign, and many other companies have done a nice job of building out their DDoS mitigation / scrubbing center capabilities over time. Some have spent millions in products, and all have invested considerable time developing robust security platforms into their global network infrastructure. Some of them fight attacks on a daily basis, and others weekly. The hardware and software powering these scrubbing centers usually consist one of the following products: Arbor Networks, Cisco, Radware, Imperva or Fortinet. Other times its a custom system like Incapsula’s Behemoth scrubbing servers.
All have been successful mitigating large scale DDoS attacks day-in day-out, including CloudFlare, when they came eye to eye with a super famous 400Gbps attack. But in a few years, 400Gbps will be child’s play. The day is coming, and it might be as soon as five years, that DDoS attacks will be 25x – 50x larger in volume than present day attacks. Currently, in the other side of the technology world, game changing innovation is occurring in the wireline and wireless business, that will allow adversaries to do much more damage with much less infrastructure. When 5G comes out, 5G enabled devices will leverage LTE + WiFi in tandem, allowing mobile users to upstream hundreds of Mbps. In the wireline business, GPON gives homes with fiber, Gbps speed. Verizon FiOS is built on GPON, and many other last mile carriers are following suit. What happens when one adds DDoS Attacks + GPON + 5G? Lets do some scary math.
- 2,000 node bot army x 500Mpbs = 1Tbps DDoS Attack
- 25,000 node bot army x 500Mbps = 12.5 Tbps DDoS Attack
At this level, only Akamai will be able to mitigate such an attack, unless CDNs and global infrastructure companies start planning today for the worse that’s soon to come. Those that are unprepared for this type of scenario are likely to be sidelined in the security business.