Nokia has introduced Deepfield Genome Shield, a new security automation platform designed to provide continuous, proactive protection against increasingly sophisticated distributed denial-of-service (DDoS) attacks. The company describes the solution as the industry’s first always-on DDoS defense system tailored for telecommunications operators, hosting providers, internet exchange points, and cloud infrastructure builders.
The launch comes as the DDoS threat landscape undergoes a significant transformation. Cybercriminals are increasingly leveraging vast residential proxy botnets made up of millions of compromised consumer devices. These networks enable attackers to generate highly distributed, difficult-to-detect attacks that can deliver multi-terabit traffic surges within seconds while constantly rotating IP addresses to evade traditional defenses.
According to Nokia, residential proxy botnets now represent one of the most pressing cybersecurity challenges, with an estimated attack capacity ranging from 250 Tbps to 600 Tbps. Many of the devices involved belong to unsuspecting users whose internet connections are secretly exploited to launch attacks against service providers and national networks.
Conventional mitigation approaches, which rely on traffic diversion to scrubbing centers after an attack has been detected, often struggle to respond quickly enough to these short-duration, high-intensity assaults. The growing use of AI technologies has further intensified the threat, enabling attackers to automate operations, expand botnet capabilities, and develop more advanced evasion techniques.
To address these challenges, Nokia’s Deepfield Genome Shield shifts security strategies from reactive response to proactive prevention. The platform extends the capabilities of Deepfield Defender by continuously collecting and analyzing threat intelligence from multiple sources, including the Deepfield Secure Genome database, which monitors more than five billion internet endpoints, as well as telemetry data and insights gathered from Deepfield’s cyber range environment.
The system automatically converts this intelligence into network-wide security policies, allowing service providers to identify and block malicious activity before attacks can cause disruption. Nokia says the approach enables stronger protection against modern cyber threats, including outbound DDoS traffic originating from compromised devices within a network.
Developed in collaboration with customers and the broader cybersecurity community, Genome Shield aims to help network operators strengthen resilience against the rapidly evolving threat posed by botnets and AI-powered cyberattacks.
