Home / News

DDoS Attacks Getting More Powerful, ISPs Report Concern Over New Threats and Budget Pressures

Massive distributed denial of service (DDoS) attacks against ISPs and their customers have almost doubled over the past year, according to a new security report.

Attacks on networks making them unavailable to intended users — also known as distributed denial of service (DDoS) attacks — exceeded 40 gigabits in the last year according to Arbor Networks' annual survey of ISPs from North America, South America, Europe and Asia.

In addition to a significant rise in the volume of attacks against network infrastructure, the survey has also found that smaller and more sophisticated attacks — including service-level and application-targeted attacks, DNS poisoning, and route hijacking — are more difficult to manage than larger, brute force attacks and can cause a serious disruption in network service or enable further compromise.

"This year's report underscores the twofold challenges faced by ISPs today," said Danny McPherson, chief security officer for Arbor Networks. "ISPs are currently waging a multi-faceted battle as they face increased cost and revenue pressure, along with multi-threaded attacks that are growing in size, frequency and sophistication. The good news is that through improved communications and information sharing in the operational security community — this report included — the service provider community will be better prepared for the fight against Internet threats today and in the future."

When asked to rank threats that they believe would pose the largest problems over the next 12 months, bots and botnets again took the top spot, followed closely by DNS cache poisoning and BGP route hijacking. Source: Arbor Networks

The key findings in the report include:

ISPs Fight New Battles. In the last four surveys, ISPs reportedly spent most of their available security resources combating distributed denial of service (DDoS) attacks. For the first time, this year ISPs describe a far more diversified range of threats, including concerns over domain name system (DNS) spoofing, border gateway protocol (BGP) hijacking and spam. Almost half of the surveyed ISPs now consider their DNS services vulnerable. Others expressed concern over related service delivery infrastructure, including voice over IP (VoIP) session border controllers (SBCs) and load balancers.

Attacks Now Exceed 40 Gigabits. From relatively humble megabit beginnings in 2000, the largest DDoS attacks have now grown a hundredfold to break the 40 gigabit barrier this year. The growth in attack size continues to significantly outpace the corresponding increase in underlying transmission speed and ISP infrastructure investment. The below graph shows the yearly reported maximum attack size.

Services Under Threat. Over half of the surveyed providers reported growth in sophisticated service-level attacks at moderate and low bandwidth levels attacks specifically designed to exploit knowledge of service weakness like vulnerable and expensive back-end queries and computational resource limitations. Several ISPs reported prolonged (multi-hour) outages of prominent Internet services during the last year due to application-level attacks.

Fighting Back. The majority of ISPs now report that they can detect DDoS attacks using commercial or open source tools. This year also shows significant adoption of inline mitigation infrastructure and a migration away from less discriminate techniques like blocking all customer traffic (including legitimate traffic) via routing announcements. Many ISPs also report deploying walled-garden and quarantine infrastructure to combat botnets.

Related Links:
Arbor Networks Publishes Fourth Annual Worldwide Worldwide Infrastructure Security Report (Arbor Netowrks, 11/11/2008)
2008 Worldwide Infrastructure Security Report (Arbor Security Blog, 11/11/2008)
Copy of the Full Report (Free Registration Required)
Distributed DoS Attacks Surging in Scale, ISPs Report (NetworkWorld, 11/11/2008)

Related topics: Cyberattack, Cybercrime, DDoS, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

New from Verisign Labs - Measuring Privacy Disclosures in URL Query Strings

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Continuing to Work in the Public Interest

Verisign Named to the OTA's 2014 Online Trust Honor Roll

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Dyn Acquires Internet Intelligence Company, Renesys

Tips to Address New FFIEC DDoS Requirements

Smokescreening: Data Theft Makes DDoS More Dangerous

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Verisign

Security

Sponsored by
Verisign
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Afilias

DNS Security

Sponsored by
Afilias