Story image

DDoS attacks on the rise, how will you respond?

28 Jan 15

Arbor Networks latest infrastructure security report has found the size, complexity and frequency of DDoS attacks continues to rise, with customer infrastructure and data centres prime targets.

The 10th Annual Worldwide Infrastructure Security Report by Arbor Networks is based on insights from service providers and enterprise, education, government organisations.

In the last decade DDoS has moved from being 'a nuisance' to a very serious threat to business continuity and the bottom-line, says Arbor Networks.

The largest reported attack 10 years ago was 8Gps, whereas the largest reported DDoS attack in 2014 was 400Gbps.

Of those surveyed, 90% experienced application-layer attacks in 2014 and 42% experienced multi-vector attacks that combine volumetirc, application-layer and state exhaustion techniques within a single sustained attack.

Today DDoS attacks are components of complex, often long-standing, advanced threat campaigns, says Arbor Networks, whereas in 2004 ‘brute force’ flood attacks were the most common attack vector

According to the report the amount of DDoS attacks is on the rise. In 2013 just over one quarter of respondents indicated they had seen more than 21 attacks per month, and in 2014 this figure doubled to 42% of respondents.

Firewalls and IPS devices continue to be targets for attackers, and more than a third of organisations experience Firewall or IPS device failure or outages during a DDoS attack, says Arbor Networks.

Cloud services are also increasingly targeted, with more than one quarter of respondents indicating they had seen attacks here.

While security incidents are up, the report found enterprises are not fully prepared to respond.

In fact, while more than a third of respondents indicated an increase in security incidents in 2014, under 50% of respondents felt reasonably or well prepared for a security incident. On top of this, 15% indicated they have no plans or resources in place.

The issue of DDoS attacks is particularly important for data centre operators, as more than one third of this group experienced attacks that exhausted their internet bandwidth, says Arbor Networks.

At 44%, almost half of data centre respondents experienced revenue losses due to DDoS, according to the report.

Arbour Networks says, “This underscores just how critical of an issue this continues to be for data centre operators: downtime means not just lost business for the data centre operator, but the collateral damage extended to their customers operating business critical infrastructure in the cloud.”

Darren Anstee, Arbor Networks director of solutions architects, says, “Arbor has been conducting the Worldwide Infrastructure Security Report survey for the last 10 years and we have had the privilege of tracking the evolution of the Internet and its uses from the early adoption of online content to today’s hyper connected society.”

“In 2004, the corporate world was on watch for self-propagating worms like Slammer and Blaster that devastated networks the year before; and, data breaches were most likely carried out by employees who had direct access to data files.

"Today, organisations have a much wider and more sophisticated range of threats to worry about, and a much broader attack surface to defend. The business impact of a successful attack or breach can be devastating – the stakes are much higher now," he says.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.