This past year was a big one for internet assaults, encryption, blackouts, velocity and IoT, and 2017 is positioned to bring even more headlines for each of these. As Cloudflare prepares for the coming year, we made some predictions about whats next for the future of the internet.
But first, lets review what we assure as a result of the widespread use and abuse of the internet in 2016.
In both Gabon and Gambia, internet connectivity was disrupted during elections. The contested election in Gambia started with an internet blackout that lasted a short time. In Gabon, the internet shutdown lasted for days. Even as we write this, countries like DR Congo are discussing blocking specific internet services, clearly forgetting the lessons learned in these other countries.
DDoS attacks continued throughout the year, hitting websites big and small. In March, we ensure weekend DDoS assaults that were peaking at 400 Gbps, and in December, we assured a new pattern of attackers treating attacks as a regular job to be performed from 9 to 5.
In addition to real DDoS, there were also empty menaces from a group calling itself Armada Collective and demanding bitcoin for sites and APIs to stay online. Another group popped up to copycat the same modus operandi.
The Internet of Things became what many had advised it would become: an army of devices used for attacks. A botnet army of IoT cameras and a major assault took out DNS service provider Dyn.
Non-DDoS assaults continued apace with hacks that need WAF protection like httpoxy and ImageTragick causing disruption for unprotected sites. And TLS experienced yet another attack called DROWN.
As the web has become more encrypted, the need to optimize TLS and TCP together has become more important .
But it wasnt all doom and gloomines. IPv6 watched significant mobile traffic and suddenly felt absolutely real. Apple announced that iOS apps must support IPv6-only networks and major ISPs started prioritizing IPv6 traffic. TLS 1.3 went live to dramatically simplify and be enhanced the security of the internet.
And the internet got a lot faster with widespread support for HTTP/ 2, including Server Push and WebP conversion. As the web has become still more encrypted, the need to optimize TLS and TCP together has become more important and Cloudflare helped contribute to increased security with Origin CA, HTTPS Everywhere and dedicating protected WebSockets to everyone.
The year ahead
Our team, consists of engineers, programmers, cryptographers and hackers, took a conducted an investigation into a virtual crystal ball and came up with our predictions for 2017. Heres what we think the year ahead will have to offer.
1Tbps DDoS attacks will become the baseline for massive assaults
Four years ago, we exemplified a blog post about a 65 Gbps DDoS with a picture of the band Massive Attack. The following year, Massive Attack were back illustrating a 300 Gbps attack; as internet velocities have gone up worldwide, so have DDoS sizings. In 2016, weve sporadically ensure 1Tbps DDoS assaults reported from various service providers. We believe that in 2017, the baseline for a massive attack will be 1Tbps( and we hope that Massive Attacks 2016 sung releases portend a 2017 album ).
The internet will get faster yet again as protocols like QUIC become more prevalent
Although HTTP/ 2 has a large effect on web performance, it also depends on the TCP protocol for connections, which can cause performance problems on lossy networks. Google has been experimenting with a protocol called QUIC, which utilizes UDP instead of TCP. We expect such UDP-based web protocol experiments to continue and become mainstream.
IPv6 will become the de facto for mobile networks and IPv4-only fixed networks is likely to be appeared upon as off
Our data says IPv6 is 27 percent faster, Facebook says 10 to 15 percentage faster, LinkedIn says between 10 to 40 percentage faster for mobile. Regardless of which numbers you believe, its clear that IPv6 provides a speed advantage. At the same time, ISPs and mobile networks are pushing for greater deployment of IPv6, and we expect IPv6 to be the norm in 2017 for all networks. Specifically for mobile networks, we believe IPv4 will be deprecated.
This chart shows the percentage of top 25,000 websites( according to Alexa) that are available over IPv6 😛 TAGEND
A SH-A1 crash will be announced
Back in 1996, potential crashes in MD5 were identified, but it wasnt until 2005 that actual crashes were demonstrated. At the time, the death of both MD5 and SH-A1 were predicted. MD5 is now seen as cryptographically useless and has even been used in malware to forge a certificate.
Since 2005, bad news about collision resistance in SH-A1 has been gathering and we predict that an actual crash will be computed in 2017.
Layer 7 attacks will rise but Layer 6 wont be far behind
When people think of DDoS assaults, they are typically thinking of volumetric attacks against layers 3 and 4( such as SYN deluges ). We believe that Layer 7 attacks( particularly against the HTTP and DNS protocols) will continue to rise in 2017 as attackers look for smart ways to knocking web applications offline beyond simply volumetric attacks.
At the same time, Layer 6 attacks against the TLS protocol will make an appearance. We have already seen such attacks in the past( attacks that were designed to consume server CPU by asking for slow or complex cryptographic operations) and smart attackers will continue their search for any weakness in a web application or protocol implementation.
Mobile traffic will account for 60 percentage of all internet traffic by the end of the year
The number of mobile internet users surpassed fixed internet users back in 2014, and today more than 80 percent of internet users own a smartphone, while 89 percent of their mobile time is spent using apps.
This means that acceleration and protection of APIs( that are used by apps for their internet connectivity) is essential and trends indicate that mobile traffic will be 60 percent of all internet traffic this year. This switch to mobile puts more emphasis on optimized web experiences and robust APIs than before.
The security of DNS will be taken seriously
The attack on Dyns DNS service showed how an often overlooked piece of the internet, the Domain Name System, is critical to its functioning. Much of the news around DDoS assaults until the Dyn attack was focused on attacks on websites and networks. With this realization that DNS is critical, security and safety will be taken seriously in 2017, and the protection of DNS infrastructure and servers will become a business necessity.
At the same time, the open nature of DNS will come into focus and DNSSEC will take on a larger role in securing DNS responses from attack.