Sophisticated Network Attacks on Rise
ISPs at present are waging a multi-faceted battle as they face increased cost and revenue pressure, along with multi-threaded attacks that are growing alarmingly in size, frequency and sophistication, said a recently released report on worldwide infrastructure security.
In addition to attacks against network infrastructure, smaller and more sophisticated attacks including service-level and application-targeted attacks, DNS poisoning, and route hijacking have also risen, said the report commissioned by Arbor Networks. They are more difficult to manage than larger forceful attacks and can cause a serious disruption in network service.
Detection of application layer attacks is more difficult and providers need to have deep application insight into IP services and applications to identify, and mitigate such attacks. “To ensure the highest level of customer satisfaction, ISPs need to detect and surgically remove only the attack traffic while maintaining legitimate business traffic,” said Danny McPherson, chief security officer for Arbor Networks.
The distributed denial of service (DDoS) attacks that make a network unavailable to its intended users were as large as 40 gigabits last year. The largest sustained attacks reported in the last two years were 24 Gbps and 17 Gbps, respectively, representing a 67% increase in attack scale over last year, a 100-fold increase since 2001, say the report. Furthermore, 36% of survey respondents last year reported observing sustained attacks larger than one Gbps and the number of respondents observing one gigabit per second or larger attacks too nearly doubled this year.
“The growth in attack size continues to significantly outpace the corresponding increase in underlying transmission speed and infrastructure investment and, while most ISPs now have the infrastructure to detect bandwidth flood attacks, many still lack the infrastructure and ability to quickly mitigate these attacks,” said McPherson.
Botnets (26%) continue to be the primary vehicle for delivering the largest problems to network operations and security engineers, followed closely by DNS cache poisoning (23%) and BGP route hijacking (15%).
55% of respondents said the scale and frequency of security threats for IPv6 will increase as it becomes more widely deployed, while only 8% of respondents believe threats will decrease with improved IPv6 deployment. And although VoIP continues to be a rising attack vector for miscreants, providers are under prepared to protect their VoIP infrastructure from attack, the study said. Only 21% of respondents indicated that they had tools in place to detect threats against VoIP infrastructure or services.
“Many organizations generate most or all of their revenue from Web or other network service transactions, and their Internet ‘presence’ is critical to their fiscal well-being. Therefore, many organizations now consider subscribing to MSS as an everyday cost of doing business on the Internet, and budget for these services just as they would disaster recovery, data backups, and traditional network redundancy,” said Rob Malan, co-founder and CTO of Arbor Networks.
New Service to Secure Enterprise Network Attacks
- What’s Driving The Shift To Cryptocurrency Mining Malware?
- Embracing Opportunities And Challenges Of Digital Transformation
- Smart Cities Can Save 125 Hrs For Each Citizen Every Year: Study
- Why Enterprises Need To Automate Security Systems
- IT Leaders Struggling With Hyper-Converged Infrastructure: Study
- Ransomware Against IoT, Mobile On The Rise: SonicWall
- Employee Training: A Security Priority For Financial CISOs
- How To Become Cisco CCNA Security 210-260 Certified
- Women In Cybersecurity Face Harsh Reality: Study
- Helping You Escape Competition With UPI Payments