RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
Tuesday, July 7, 2026
RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
Add RCR Wireless as a preferred source on Google
  • Qualcomm 6G Insights
  • Huawei Content Hub
  • Qualcomm – 6G Vision
  • OSS/BSS Channel
RCR Wireless
RCR Wireless
  • Advanced Mimo
  • Mobile mmWave
  • 5G Positioning
  • Green Networks
  • Metaverse
  • Automotive
  • Industrial and Wide-area IoT
Copyright 2021 - All Right Reserved
Home - Understanding the evolution of DDoS attacks in the telecoms sector (Reader Forum)
Reader Forum

Understanding the evolution of DDoS attacks in the telecoms sector (Reader Forum)

by Sean Kinney, Principal Analyst January 31, 2024
written by Sean Kinney, Principal Analyst January 31, 2024 Share
LinkedinEmail
Share 0LinkedinEmail
5g sd wan sase cybersecurity privileged access iot zero trust
Image: 123rf
117

DDoS attacks have been plaguing telcos for over 25 years. For communications service providers (CSPs), the potential for an attack is nothing new. Typically, telco DDoS attacks are large and only getting bigger. For example, one of the most common types, HTTP flood attacks, has increased the average attack size by over 180% in the last year. Yet, while most attacks have this size in common, the methods attackers use can vary massively. So, what forms are these new DDoS attacks taking, what’s the impact on telcos, and how can they be stopped? 

The downtime disaster

While DDoS attack methods and vectors have evolved and diversified over time, the result that attackers aim for remains mostly the same – overloading their target to bring them offline. According to a recent report, the two most common DDoS attacks currently being used are HTTPS Floods and NTP Amplifications. HTTPS Floods accounted for one out of five attacks last year, exhausting servers by overwhelming them with answer requests to trigger downtime. The second most common, NTP Amplifications (accounting for one in four attacks), work similarly, exploiting a time-keeping protocol to flood the server with excessive data to cause downtime.

These days, downtime can be a death knell for any DDoS attack victim, let alone CSPs. On average, an hour of downtime for larger businesses will cost them around one million pounds or often more – in 2019, FaceBook’s 14-hour outage cost them $90 million. While there are many potential big business targets, telcos are particularly attractive due to their gradual evolution from traffic carriers to digital enablers. They now underpin most other business and critical infrastructure, making them tempting targets. 

The other attribute that makes telcos vulnerable to DDoS attacks is the large impact zone of downtime. If a service provider is hit by one of these attacks and has service-critical functions compromised, all of their customers could effectively be taken out. While impacting those reliant on that connectivity, this method could also be used as a precursor to more advanced attacks with national security threat potential. Any downtime can be incredibly costly from a customer perspective – the Optus outage this year led to nearly half a million dollars being claimed in compensation by affected customers. 

DDoS in a haystack: The rise of Bits and Pieces attacks 

While ‘traditional’ DDoS attacks can be lethal enough for a telco, a more specialised technique has come into play that is uniquely suited for use on CSPs – bits and pieces attacks (sometimes known as carpet bombing). They function similarly to the ‘traditional’ DDoS attack, except instead of flooding a single system with an overwhelming number of requests, they ‘hide’ the excess traffic by spreading requests across an entire network.

By dispersing smaller packets of requests across multiple hosts, the attack becomes far more challenging to detect as it can hide amongst the legitimate traffic, evading detection from regular cybersecurity methods such as thresholds and firewalls. 

While this method of attack might appear less dangerous since it tends not to take its target offline, the overall impact can be far worse than it seems for telcos. The contaminated traffic clogs up the IP, potentially damaging the Quality of Service to a point where QoS agreements with customers are in breach. 

As connectivity providers, the impact of these attacks is felt by telcos and their customers, with knock-on effects on trust and reputation, not to mention the financial loss incurred. They could be seen as having unreliable service, potentially leading to a loss in future business, and customers could claim compensation for having their QoS agreements breached. 

The risk that bits and pieces attacks pose only worsens as network traffic rises with the implementation of 5G and new data-hungry applications such as AI. Telcos will already be under pressure to deliver the networks needed for the future before the threat of these attacks is even considered. Put plainly, bits and pieces attacks are a dangerous threat that CSPs can’t afford to ignore against increasing service demands. 

Silver linings 

Although telcos have been mitigating against DDoS attacks for years, the number of factors they must consider has risen dramatically. With the amount of traffic passing through networks set to increase due to AI and 5G developments, DDoS attacks will also have much more legitimate traffic to hide in. Just as threat detection becomes infinitely more crucial, it’s set to become infinitely more complicated. 

Telcos should be protecting against these attacks, but there is a balance to find between under- and over-protecting. Too little protection would leave telcos open to attack, yet too much can be its kind of financial drain. False positives, where legitimate traffic is incorrectly identified as malicious, are just as problematic as attacks. So, while using a positive security model may effectively protect CSPs, it may be at the expense of their customers. 

However, there is an upside to this new era of CSP-focused DDoS: the financial benefits that telcos can unlock from securing their networks effectively. Those who thoroughly embrace DDoS protection and integrate it into their product offering could expand from just connectivity providers to managed security service providers. It can be a route to diversifying the business model, creating a new revenue stream and turning a security problem into financial gain. 

You Might Also Like
  • Trust you can see – the convergence of voice, messaging, and identity (Reader Forum)
  • Subsea resilience needs to move beyond cable count – here’s why (Reader Forum)
  • Real-world network emulation is critical for 5G deployments (Reader Forum)
  • Why autonomous networks don’t mature uniformly (Reader Forum)
  • Interoperability is key to unlock satellite D2D for all Americans (Reader Forum)
  • Dumb pipes no more – telcos have the AI opportunity of the decade (Reader Forum)

Table of Contents

  • The downtime disaster
  • DDoS in a haystack: The rise of Bits and Pieces attacks 
  • Silver linings 
Share 0 LinkedinEmail
Sean Kinney
Sean Kinney, Principal Analyst

Sean focuses on multiple subject areas including 5G, 6G, Open RAN, hybrid cloud, edge computing, and Industry 4.0. Prior to his work at RCR, Sean studied journalism and literature at the University of Mississippi then spent six years based in Key West, Florida, working as a reporter for the Miami Herald Media Company. He currently lives in Fayetteville, Arkansas.

previous post
2024 will be a catalyst for accelerating 5G Standalone/5G Core deployments (Reader Forum)
next post
iBwave integrates 5G into LTE and P25 network design scanner

White Papers

  • Enea White Paper: Why Intelligent AAA is the Swiss Army Knife of Telecom

  • CSG White Paper: Telco AI Enabler: Mediation’s Defining Role

  • Enea White Paper: Scalable Database Design for 5G and Beyond

  • Supermicro and NVIDIA Whitepaper: Powering sovereign AI at scale

  • VIAVI Whitepaper: RAN scenario generators and their critical role for future-proofing AI-native RAN in Advanced 5G and 6G networks

Editorial Reports

  • Report: Scaling Optical Networks For The Hyperscale And AI Era

  • Test And Measurement Market Pulse Report

  • Editorial Report: Securing telecom infrastructure for the quantum era

Webinars

  • Webinar: Rethinking the RAN as AI, cloud and openness converge

  • Webinar: Scale-Up, Scale-Out, Scale-Across – Building AI-Era Network Fabrics

  • Webinar: NTN in motion – evolving standards, expanding services

  • Webinar: Noise-Figure Measurements with RFmx and PXI VSTs

  • Qualcomm Webinar – Building the 6G Standard: Key developments to know

Since 1982, RCR Wireless News has been providing wireless and mobile industry news, insights, and analysis to mobile and wireless industry professionals, decision makers, policy makers, analysts and investors.

Facebook Twitter Youtube Linkedin Envelope Rss

Useful Links

  • Subscribe
  • About RCR Wireless News
  • Contact Us
  • Advertise
  • Editorial Calendar
  • Archive
  • RSS
  • Wireless News Archive
  • Subscribe
  • About RCR Wireless News
  • Contact Us
  • Advertise
  • Editorial Calendar
  • Archive
  • RSS
  • Wireless News Archive

Edtior's Picks

What defines network performance in 5G and beyond? A CTO Perspective
Elisa says AI automation has cut network incidents by over 80%
“We’re going after the operator channel” – Druid bets on simplicity to scale...

Latest Articles

What defines network performance in 5G and beyond? A CTO Perspective
Elisa says AI automation has cut network incidents by over 80%
“We’re going after the operator channel” – Druid bets on simplicity to scale private 5G
Enea White Paper: Why Intelligent AAA is the Swiss Army Knife of Telecom

© 2026 RCR Wireless News All Right Reserved. Developed by Eight Hats.

Cookie Policy | Privacy Policy

RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
@2020 - All Right Reserved. Designed and Developed by PenciDesign