How to Predict the Future in the Palm Lines of the Web

Anticipating what society will look like after the lockdown is no easy task. That being said, given the lightning speed of technological development, it doesn’t take a visionary to foresee the next challenges facing us in the world of cybersecurity in the short and medium term.

Has there actually been a change? Or are we just using the usual applications more?

Traffic Booms

The answer is unambiguous: yes, there is a change and a very significant one.

As people who take the lead from science, we can back up our predictions with detailed facts, using the data we have about the type of traffic that has moved through the Internet, as well as the services behind that traffic. The following table of data illustrates very clearly what is happening.

Global traffic growth between February 1 and April 19
Source: Sandvine reports

Internet traffic grew by 40% worldwide, but if we look a little closer, we see that the upstream traffic grew by 121%. This is clearly a new situation at technological level: we have gone from being receivers of data, to sending data massively.

[You may also like: Ensuring Remote Access Availability & Security]

A Breeding Ground for Hackers

It doesn’t take a genius to understand this development. Applications for telepresence, teleworking, virtual classrooms or simply talking to our loved ones are those most used these days and therefore we generate videos, sound and even data that we upload or exchange with others. All this brings about a complete paradigm change to the design of home networks, narrowing the gap between uploading and downloading data.

But there is also a very important factor behind this change: the traffic handled by these telepresence applications is UDP traffic. We probably need to explain to anyone not well read up on network technology that UDP traffic is a protocol focusing on speed, not quality, and therefore very far from the concepts of network security, a breeding ground for hackers.

As expected, most of the attacks carried out during March 2020 used the UDP traffic protocol (71%), camouflaged within the avalanche generated by the lockdown and use of telepresence applications. This poses a huge challenge for businesses as it is not easy to distinguish between trusted traffic and malicious traffic in the UDP protocol.

You can see the next question coming.

[You may also like: Beware the Security Threats from Remote Working]

Can’t we just distinguish between “good” traffic and “bad” traffic?

Unfortunately not, the next challenge is inherent in the telepresence application. Digital identification has gone from being an option to being a necessity. The following image shows why.

Search trends of the word “SEPE” in Spain
Source: Google Trend

The sector most affected by the lockdown is the labor market and we can see one of its direct effects in the above image (trend according to Google Trend on the word “SEPE”, i.e. Servicio Público de Empleo Estatal – State Public Employment Service): a surge in requests for various types of official formalities. With the lockdown measures applied, all the formalities had to be done through the Internet, so the question is obvious: how can we identify ourselves on the Internet?

Bots Everywhere

Unfortunately, in Spain, the electronic ID is simply an option, far from being commonly applied, and the same is true of the digital certificate or any other system, so for the time being more rudimentary procedures have been used.

From a technological point of view, architectures like Blockchain (designed for this type of situation) have not yet arrived, so in the short and medium term the first step is to mitigate, that is, to filter the reliable users from those who have darker intentions, which 75% of the time are bots.

Nearly 30% of the Internet is malicious bots, that is, a third of the traffic that reaches public services is junk; it simply wastes resources or tries to find weaknesses in the system to gain some kind of advantage.

In the case of public administration and socially sensitive issues such as the aid provided by the Spanish state to its citizens, ensuring digital identity is a pressing need. It is not only a question of technology or security on the net, it is the new scenario that is being written, a world where the “face to face” is going to be replaced by telepresence. We did not foresee this scenario and, only logically, we are arriving late at the table, but it is a challenge we can take up by using the different technological and organizational solutions that we already have at hand.

Note: A version of this article originally appeared in ISMS Forum.

Read Radware’s “The Big Bad Bot Report” to learn more.

Download Now

Juan Jose Navarro

Juan José Navarro is a Technical Account Manager for Radware in the Iberia region (Portugal, Spain & Andorra). In his more than 15 years of experience in the world of cybersecurity, “Juanjo” Navarro has worked in large projects and for various industries, such as defense, government and the financial industry. Prior to joining Radware, Juanjo has worked in important companies in the computer security industry such as Arrow and S21. He has also extensive experience as a trainer and evangelist of security solutions.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center