Story image

DDoS attacks on the rise, how will you respond?

28 Jan 15

Arbor Networks latest infrastructure security report has found the size, complexity and frequency of DDoS attacks continues to rise, with customer infrastructure and data centres prime targets.

The 10th Annual Worldwide Infrastructure Security Report by Arbor Networks is based on insights from service providers and enterprise, education, government organisations.

In the last decade DDoS has moved from being 'a nuisance' to a very serious threat to business continuity and the bottom-line, says Arbor Networks.

The largest reported attack 10 years ago was 8Gps, whereas the largest reported DDoS attack in 2014 was 400Gbps.

Of those surveyed, 90% experienced application-layer attacks in 2014 and 42% experienced multi-vector attacks that combine volumetirc, application-layer and state exhaustion techniques within a single sustained attack.

Today DDoS attacks are components of complex, often long-standing, advanced threat campaigns, says Arbor Networks, whereas in 2004 ‘brute force’ flood attacks were the most common attack vector

According to the report the amount of DDoS attacks is on the rise. In 2013 just over one quarter of respondents indicated they had seen more than 21 attacks per month, and in 2014 this figure doubled to 42% of respondents.

Firewalls and IPS devices continue to be targets for attackers, and more than a third of organisations experience Firewall or IPS device failure or outages during a DDoS attack, says Arbor Networks.

Cloud services are also increasingly targeted, with more than one quarter of respondents indicating they had seen attacks here.

While security incidents are up, the report found enterprises are not fully prepared to respond.

In fact, while more than a third of respondents indicated an increase in security incidents in 2014, under 50% of respondents felt reasonably or well prepared for a security incident. On top of this, 15% indicated they have no plans or resources in place.

The issue of DDoS attacks is particularly important for data centre operators, as more than one third of this group experienced attacks that exhausted their internet bandwidth, says Arbor Networks.

At 44%, almost half of data centre respondents experienced revenue losses due to DDoS, according to the report.

Arbour Networks says, “This underscores just how critical of an issue this continues to be for data centre operators: downtime means not just lost business for the data centre operator, but the collateral damage extended to their customers operating business critical infrastructure in the cloud.”

Darren Anstee, Arbor Networks director of solutions architects, says, “Arbor has been conducting the Worldwide Infrastructure Security Report survey for the last 10 years and we have had the privilege of tracking the evolution of the Internet and its uses from the early adoption of online content to today’s hyper connected society.”

“In 2004, the corporate world was on watch for self-propagating worms like Slammer and Blaster that devastated networks the year before; and, data breaches were most likely carried out by employees who had direct access to data files.

"Today, organisations have a much wider and more sophisticated range of threats to worry about, and a much broader attack surface to defend. The business impact of a successful attack or breach can be devastating – the stakes are much higher now," he says.

Lenovo DCG moves Knight into A/NZ general manager role
Knight will now relocate to Sydney where he will be tasked with managing and growing the company’s data centre business across A/NZ.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Record revenues from servers selling like hot cakes
The relentless demand for data has resulted in another robust quarter for the global server market with impressive growth.
Opinion: Critical data centre operations is just like F1
Schneider's David Gentry believes critical data centre operations share many parallels to a formula 1 race car team.
MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.