en.Wedoany.com Reported - A Nokia study reveals that changes in the cybersecurity threat landscape have turned consumer devices into a collective national security risk, with the network of exploitable devices exceeding 200 million.

Statistics released by the Nokia Deepfield Emergency Response Team (ERT) show that a vast number of devices, including smartphones, routers, and IoT devices, are breaching traditional cybersecurity defenses, a trend exacerbated by artificial intelligence data scraping.

The report indicates that 77% of Distributed Denial of Service (DDoS) attacks now end within five minutes, with 37% concluding in under two minutes. This rapid timeline makes traditional detection and mitigation security strategies difficult to implement effectively.

The Nokia report emphasizes that modern DDoS attacks have evolved from sustained external floods to complex internal bursts, with 58% of incidents being multi-vector attacks that combine methods such as SYN floods and HTTP Layer 7 attacks to bypass single-signature defenses.

Data also shows that 52% of attacks use a carpet-bombing strategy, dispersing traffic across multiple target prefixes to evade traditional detection thresholds.

Telecom operators have historically defended against external traffic from overseas hosting environments in a predictable manner. However, Nokia warns that this infrastructure approach has become ineffective over the past year.

Nokia points to the multi-hundred-million-dollar residential proxy market as the hidden engine behind this shift. Intermediaries often pay app developers to embed proxy software development kits (SDKs) into common applications, and some device manufacturers package malware directly into factory firmware.

However, Nokia states that the primary financial engine supporting this infrastructure is legitimate. Large AI companies require vast amounts of data to train large language models (LLMs). One leading proxy provider publicly stated that 14 of the top 20 LLM companies are its clients.

The report notes that residential IP addresses used for web scraping command higher prices, with a single US Tier 1 mobile IP retailing for approximately $95 for a two-week period. This AI data demand effectively funds the world's largest network of infected devices.

Nokia warns that if infected devices across major US operators were mobilized simultaneously, the total firepower would exceed hundreds of terabits per second. An attack of this scale could disrupt internet connectivity for an entire nation, pushing the DDoS threat into the realm of national security.

This internal warfare is believed to cause severe collateral damage to internet service providers before malicious traffic even reaches its intended target.

The report states that multiple terabits of outbound traffic can clog cellular Radio Access Network (RAN) and backhaul capacity, leading to unexplained performance degradation for legitimate users.

Mobile IP addresses are flagged with the highest risk scores on third-party security engines, forcing innocent users to constantly face CAPTCHA challenges, declined payment cards, and content throttling.

Nokia also warns of a significant mitigation gap. Modern attacks peak within one to three minutes and disappear entirely within five minutes, with traditional systems often unable to redirect traffic quickly enough to counter the strike.

Another report focusing on DDoS attacks, released in February, shows that DDoS attacks continue to rise, with attackers targeting UltraDNS as an attack surface.

DigiCert's 2025 Radar Briefing reveals that attacks against UltraDNS surged in late 2025, with approximately 176 incidents detected in December alone. UltraDNS is a cloud-hosted DNS service designed to securely guide enterprise user query responses.

Data shows that in the same month, UltraDNS handled approximately 4.75 trillion authoritative queries. Overall, the frequency, scale, and duration of DDoS attacks increased in the last three months of the year, a trend that continues.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com