DDoS attacks on the rise, how will you respond?
Arbor Networks latest infrastructure security report has found the size, complexity and frequency of DDoS attacks continues to rise, with customer infrastructure and data centres prime targets.
The 10th Annual Worldwide Infrastructure Security Report by Arbor Networks is based on insights from service providers and enterprise, education, government organisations.
In the last decade DDoS has moved from being 'a nuisance' to a very serious threat to business continuity and the bottom-line, says Arbor Networks.
The largest reported attack 10 years ago was 8Gps, whereas the largest reported DDoS attack in 2014 was 400Gbps.
Of those surveyed, 90% experienced application-layer attacks in 2014 and 42% experienced multi-vector attacks that combine volumetirc, application-layer and state exhaustion techniques within a single sustained attack.
Today DDoS attacks are components of complex, often long-standing, advanced threat campaigns, says Arbor Networks, whereas in 2004 ‘brute force’ flood attacks were the most common attack vector.
According to the report the amount of DDoS attacks is on the rise. In 2013 just over one quarter of respondents indicated they had seen more than 21 attacks per month, and in 2014 this figure doubled to 42% of respondents.
Firewalls and IPS devices continue to be targets for attackers, and more than a third of organisations experience Firewall or IPS device failure or outages during a DDoS attack, says Arbor Networks.
Cloud services are also increasingly targeted, with more than one quarter of respondents indicating they had seen attacks here.
While security incidents are up, the report found enterprises are not fully prepared to respond.
In fact, while more than a third of respondents indicated an increase in security incidents in 2014, under 50% of respondents felt reasonably or well prepared for a security incident. On top of this, 15% indicated they have no plans or resources in place.
The issue of DDoS attacks is particularly important for data centre operators, as more than one third of this group experienced attacks that exhausted their internet bandwidth, says Arbor Networks.
At 44%, almost half of data centre respondents experienced revenue losses due to DDoS, according to the report.
Arbour Networks says, “This underscores just how critical of an issue this continues to be for data centre operators: downtime means not just lost business for the data centre operator, but the collateral damage extended to their customers operating business critical infrastructure in the cloud.”
Darren Anstee, Arbor Networks director of solutions architects, says, “Arbor has been conducting the Worldwide Infrastructure Security Report survey for the last 10 years and we have had the privilege of tracking the evolution of the Internet and its uses from the early adoption of online content to today’s hyper connected society.”
“In 2004, the corporate world was on watch for self-propagating worms like Slammer and Blaster that devastated networks the year before; and, data breaches were most likely carried out by employees who had direct access to data files.
"Today, organisations have a much wider and more sophisticated range of threats to worry about, and a much broader attack surface to defend. The business impact of a successful attack or breach can be devastating – the stakes are much higher now," he says.