DDoS Attacks Set To Get Bigger Following 500Gbps World Record

DDoS attacks are becoming bigger and more sophisticated, according to a new report, which detailed a world record 550Gbps attack last year.

Arbor Networks 11th Annual Worldwide Infrastructure Security Report (WISR) surveyed businesses and service providers, and examined the key cyber security trends and concerns facing today’s organisations, and the ways in which these firms are mitigating those threats.

It warned that cyber extortion, cloud attacks, and firewall failures are all likely to increase. But it was DDoS attacks that remained the most commonly experienced threat.

Bigger, Badder

“A constantly evolving threat environment is an accepted fact of life for survey respondents,” said Arbor Networks Chief Security Technologist Darren Anstee. “This report provides broad insight into the issues that network operators around the world are grappling with on a daily basis.

“Furthermore, the findings from this report underscore that technology is only part of the true story since security is a human endeavour and there are skilled adversaries on both sides,” said Anstee. Thanks to the information provided by network operators worldwide, we are able to offer insights into people and process, providing a much richer and more vibrant picture into what is happening on the front lines.”

The report identified a number of key DDoS trends, which includes a change in attack motivation, as the top motivating factor is no longer hacktivism or vandalism, but simply ‘criminals demonstrating attack capabilities,’ something typically associated with cyber extortion attempts.

In addition to the world record 500Mbps assault, other reported DDoS attacks include 450 Gbps, 425 Gbps and 337 Gbps.

And the complexity associated with these attacks is also increasing. Arbor found that 56 percent of respondents reported multi-vector attacks that targeted infrastructure, applications and services simultaneously, up from 42 percent last year. Meanwhile 93 percent reported application-layer DDoS attacks. The most common service targeted by application-layer attacks is now DNS (rather than HTTP).

Other Trends

And it seems that the cloud is also increasingly under attack. Two year ago 19 percent of respondents saw attacks targeting their cloud-based services. But this grew to 29 percent last year, and now to 33 percent this year. Indeed, 51 percent of data centre operators saw DDoS attacks saturate their Internet connectivity. There was also a sharp increase in data centers seeing outbound attacks from servers within their networks, up to 34 percent from 24 percent last year.

The report also highlighted firewall failures during DDoS attacks, after more than half of enterprise respondents reported a firewall failure as a result of a DDoS attack, up from one-third a year earlier.

But enterprises are responding to the worsening threat landscape by focusing on a better response to an attack. Indeed, 57 percent of enterprises are looking to deploy solutions to speed up their incident response processes.

Better planning is another key response, after more and more enterprise respondents developed formal incident response plans. Encouragingly, they have also dedicated at least some resources to respond to such incidents, up from around two-thirds last year to 75 percent this year.

The ongoing threat from insider staff continues to be an issue, with 17 percent of enterprise respondents seeing malicious insiders, compared to 12 percent last year.

And nearly 40 percent of all enterprise respondents still do not have tools deployed to monitor BYOD devices on the network. BYOD it seems remains the security worry that many predicted, after the proportion reporting security incidents relating to BYOD doubled, to 13 percent from six percent last year.

Are you a security pro? Try our quiz!