NordVPN Promotion

Home / News

DDoS Attacks Getting More Powerful, ISPs Report Concern Over New Threats and Budget Pressures

Massive distributed denial of service (DDoS) attacks against ISPs and their customers have almost doubled over the past year, according to a new security report.

Attacks on networks making them unavailable to intended users—also known as distributed denial of service (DDoS) attacks—exceeded 40 gigabits in the last year according to Arbor Networks’ annual survey of ISPs from North America, South America, Europe and Asia.

In addition to a significant rise in the volume of attacks against network infrastructure, the survey has also found that smaller and more sophisticated attacks—including service-level and application-targeted attacks, DNS poisoning, and route hijacking—are more difficult to manage than larger, brute force attacks and can cause a serious disruption in network service or enable further compromise.

“This year’s report underscores the twofold challenges faced by ISPs today,” said Danny McPherson, chief security officer for Arbor Networks. “ISPs are currently waging a multi-faceted battle as they face increased cost and revenue pressure, along with multi-threaded attacks that are growing in size, frequency and sophistication. The good news is that through improved communications and information sharing in the operational security community—this report included—the service provider community will be better prepared for the fight against Internet threats today and in the future.”

When asked to rank threats that they believe would pose the largest problems over the next 12 months, bots and botnets again took the top spot, followed closely by DNS cache poisoning and BGP route hijacking. Source: Arbor Networks

 

The key findings in the report include:

ISPs Fight New Battles. In the last four surveys, ISPs reportedly spent most of their available security resources combating distributed denial of service (DDoS) attacks. For the first time, this year ISPs describe a far more diversified range of threats, including concerns over domain name system (DNS) spoofing, border gateway protocol (BGP) hijacking and spam. Almost half of the surveyed ISPs now consider their DNS services vulnerable. Others expressed concern over related service delivery infrastructure, including voice over IP (VoIP) session border controllers (SBCs) and load balancers.

Attacks Now Exceed 40 Gigabits. From relatively humble megabit beginnings in 2000, the largest DDoS attacks have now grown a hundredfold to break the 40 gigabit barrier this year. The growth in attack size continues to significantly outpace the corresponding increase in underlying transmission speed and ISP infrastructure investment. The below graph shows the yearly reported maximum attack size.

Services Under Threat. Over half of the surveyed providers reported growth in sophisticated service-level attacks at moderate and low bandwidth levels attacks specifically designed to exploit knowledge of service weakness like vulnerable and expensive back-end queries and computational resource limitations. Several ISPs reported prolonged (multi-hour) outages of prominent Internet services during the last year due to application-level attacks.

Fighting Back. The majority of ISPs now report that they can detect DDoS attacks using commercial or open source tools. This year also shows significant adoption of inline mitigation infrastructure and a migration away from less discriminate techniques like blocking all customer traffic (including legitimate traffic) via routing announcements. Many ISPs also report deploying walled-garden and quarantine infrastructure to combat botnets.

Related Links:
Arbor Networks Publishes Fourth Annual Worldwide Worldwide Infrastructure Security Report (Arbor Netowrks, 11/11/2008)
2008 Worldwide Infrastructure Security Report (Arbor Security Blog, 11/11/2008)
Copy of the Full Report (Free Registration Required)
Distributed DoS Attacks Surging in Scale, ISPs Report (NetworkWorld, 11/11/2008)

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

NordVPN Promotion