What is certain is that individual DDoS attacks will get bigger, as attackers co-opt millions of unsecured IoT devices into botnets and DDoS-for-hire services proliferate online. In 2016, the Mirai botnet attack made history for breaching the 1 terabit-per-second barrier for the first time. Just four years later, Amazon reported an attack with a magnitude of 2.3Tbps.

With some attacks only lasting a few minutes, CSPs will need new strategies for identifying and mitigating these sudden and overwhelming floods of traffic. “We need to plan for more and harsher cyberattacks,” says Mohr-McClune. “That side of the market is only likely to become darker, more aggressive and better targeted – and that will drive new architecture choices.”

CSPs need a new definition of ‘worst-case scenario’

All of this means CSPs need to reconsider the stresses that might be put on IP networks in the future. “Operators have always planned for worst-case scenarios, but until the pandemic, we never really understood what the worst case could look like,” says Mohr-McClune. “We need to rebuild our assessment of what the worst case looks like, and plan towards that.”

In practice, that means ensuring the network is flexible enough to handle the revised view of what constitutes a worst-case scenario. While that will mean tough decisions around where and when to deploy radios and fiber, technological advances are making it progressively easier to ensure the IP network infrastructure can flex with demand.

“There are so many ways traffic is coming in now, and it’s going to so many endpoints,” says Vach Kompella, Vice President of IP Networks at Nokia. “We can’t design traffic models that are accurate, so we have to adjust as the models change. ”

Networks need more automation and architectural flexibility

Adjusting the network was once a job for human operators, but the complexity of modern networks makes manual handling of unforeseen events impossible.

“The more endpoints we have, the more services we have, the more connectivity that’s out there, the harder it is to have a central operations control site that’s monitoring the entire network with a bunch of humans,” says Kompella. “It gets very quickly into the realm of a lot of it having to be automated.”

Network automation is becoming much more advanced, he says, making IP networks self-aware and capable of automatically adjusting to handle unforeseen events like outages and DDoS attacks. Machine learning is starting to play a key role; for example by being able to automatically identify and reject DDoS traffic before it floods the network.

Architectural flexibility is crucial, too, requiring routers that can easily be reconfigured as new services emerge and demands evolve. “Programmability is very important,” says Kompella. “We don’t really know the direction that networks are going, so we need general-purpose or network-oriented processors, rather than fixed function ASICs.”

Network flexibility will allow CSPs to meet new customer demands

Flexibility in the IP network isn’t just about handling unexpected events and traffic patterns, but also about enabling CSPs to meet new customer demands. Kompella cites fixed-mobile convergence – where a person might reasonably expect to video-call from home, from the office, from the park or from a café – as one use case that will require a modern, automated IP network.

“When the end user doesn’t care what the access is, you have to design your network to offer the same set of services on any access,” he says. “And you have to be prepared that these services are going to be used from any access. It’s very important from an architecture point of view to realize this is coming, and that you have to optimize your deployment to be able to handle it.”

Mohr-McClune agrees, believing that workers – and their employers – will start to demand assurance from CSPs that they will be able to work effectively from anywhere. “We see operators focusing their future product development around an SLA that gives consumers the confidence to know that if they’re forced to work at home, then the home office will be an appropriately professional environment,” she says.

The new “normal” is anything but

So much has changed since the start of the pandemic that the idea of networks “returning” to any kind of pre-pandemic normal is long gone. With new working patterns, new applications, new services, new security threats and the imminent 5G-powered explosion of the industrial IoT, the only predictable thing now is that network traffic will become less and less predictable.

On the upside, we’ve come a long way from the 2010 World Cup, when CSPs had to manually reconfigure stadium networks to allow fans to communicate. As we move deeper into a “new abnormal”, automation, machine learning and architectural flexibility will allow networks to adapt automatically as traffic patterns shift in ways that nobody could have predicted.