Gen AI and IoT leading to increase in cyber attacks
- October 10, 2024
- Steve Rogerson
Cyber attacks on telecom infrastructure are accelerating, as cyber criminals harness generative AI and automation to increase the speed, volume and sophistication of their attacks, according to a report from Nokia.
The Finnish company’s tenth Threat Intelligence Report shows the number and frequency of distributed denial of service (DDoS) attacks, which can overwhelm telco infrastructure with traffic and make it inoperable, have grown from one or two a day to well over 100 per day in many networks.
Botnets continue to be the primary source of DDoS attack volume, representing about 60% of DDoS traffic monitored by Nokia from June 2023 to June 2024. During that time, residential proxies became a prominent tool for more advanced application-layer attacks.
A botnet is a network of computers and devices controlled and used by cyber criminals for launching malicious activities, such as DDoS attacks and the theft of personal and sensitive information.
North America has seen the highest number of cyber attacks – accounting for about one-third of the total – due to the concentration and scale of telecom infrastructure and large enterprises in the USA.
Reflecting a trend of recent years, the growth in DDoS attacks has been fuelled by the proliferation of hundreds of thousands of insecure IoT devices, ranging from smart refrigerators to smartwatches, which often have lax security protections and have gigabit and multi-gigabit broadband capacity that facilitates the spread of malware.
The most common malware in telecommunication networks was found to be a bot that scans for vulnerable devices, with weak encryption or passwords, or design flaws.
East Asia also faces significant data leaks due to inadvertent exposures by companies themselves, while Western Europe contends with a mix of cyber espionage and financially motivated breaches, according to the Threat Intelligence Report (onestore.nokia.com/asset/214202).
Even as generative AI enables faster, more sophisticated attacks, communication service providers are increasingly using the same technology to improve their response times and effectiveness against cyber threats.
Another threat concerns systems-on-chip (SoCs), hardware ICs that incorporate computer components that drive higher computing and network performance and reduce power consumption. Cyber criminals are increasingly targeting SoCs to exploit vulnerabilities in various components, such as firmware, software and hardware interfaces.
Quantum computing is another example where threats are emerging. Organisations such as the National Institute of Standards & Technology (Nist), which recently standardised the first algorithms that will form components of the world’s approach to counter the potential threats of quantum computing, are continuing to help shape security strategies globally.
“The use of generative AI and automation for nefarious purposes is leading to a stepwise increase in malicious actors’ capabilities and threat potential,” said Rodrigo Brito, head of security, cloud and network services at Nokia (www.nokia.com). “The threat intelligence findings further reinforce the need for operators, vendors and regulators to work more collaboratively to develop more robust network security measures, practices, and awareness.”
The report was compiled by Nokia’s threat intelligence centre, cyber security centre, security operations centre and deepfield emergency response team, as well as the company’s IP network and DDoS security experts.