The Arbor Networks 8th Annual Worldwide Infrastructure Security Report Finds DDoS Has Become Part of Advanced Threat Landscape
BURLINGTON, MA, Jan 29, 2013 (MARKETWIRE via COMTEX) --
Arbor Networks Inc.
-- Advanced Persistent Threats a Top Concern for Providers and
Enterprises
-- Attack Sizes Plateau; Complex Multi-Vector Attacks on the Rise
-- Data Centers and Cloud Services are Increasingly Victimized
-- Mobile Operators Increase Capacity but Not Visibility
Arbor Networks Inc., a leading provider of network security and
management solutions for enterprise and service provider networks,
today released its 8th Annual Worldwide Infrastructure Security
Report (WISR) offering a rare view into the most critical security
challenges facing today's network operators. Among the key findings
this year, advanced persistent threats (APTs) are top of mind for
both service providers and enterprises; distributed denial of service
(DDoS) attacks have plateaued in size but become more complex; data
center and cloud services are especially attractive targets; and
mobile operators continue to be reactive in terms of network
visibility. The report also covers the impact of BYOD as well as
infrastructure issues such as VoIP and IPv6.
Based on survey data provided by network operators from around the
world, this annual report is designed to help network operators make
more informed decisions about their security strategies as they
relate to the integrity of mission-critical Internet and other
IP-based infrastructure. Arbor's long-standing customer relationships
and reputation as a trusted advisor and solution provider make this
report possible each year. Click here to access the Arbor Networks
8th Annual Worldwide Infrastructure Security Report.
"Since our founding, Arbor has worked with the world's most demanding
network operators. This annual report has been a true partnership
with our customers and the broader information security community,"
said Arbor Networks President Colin Doherty. "Again this year, the
report delivers valuable insight for service and cloud providers and
mobile and enterprise network operators."
Key Findings:
Advanced Persistent Threats (APTs) a Top Concern for Service
Providers and Enterprises
-- 61 percent named 'botted' or otherwise compromised hosts as top
concern
-- 55 percent named Advanced Persistent Threats (APTs) as top concern
Advanced threats are a well-established problem for enterprise network
operators. This year's survey found an increased level of concern
over 'botted' or compromised machines on provider networks. The
increase in botted hosts is not surprising given the number and
complexity of malware variants that exist, their rate of evolution
and the consequent inability of Intrusion Detection Systems (IDS) and
Anti-Virus (AV) systems to fully protect them. Looking ahead, there
is even more concern about APT, industrial espionage, data
exfiltration and malicious insiders.
DDoS: Attack Sizes Plateau; Complex Multi-Vector Attacks on the Rise
-- Largest attack reported was 60 Gbps, same as 2011; 2010 attack peak
was 100 Gbps
-- 46 percent reported multi-vector attacks
This year's results confirm that application-layer and multi-vector
attacks are continuing to evolve while volumetric attacks are
starting to plateau in terms of size. While 86 percent reported
application-layer attacks targeting Web services, most concerning is
that multi-vector attacks are up markedly. Attackers have now turned
to sophisticated, long-lived, multi-vector attacks -- combinations of
attack vectors designed to cut through the defenses an organization
has in place -- to achieve their goals. Multi-vector attacks are the
most difficult to defend against and require layered defenses for
successful mitigation. This year's report includes a case study on
the ongoing attacks against U.S. financial services organizations, a
great example of a multi-vector attack.
Data Centers and Cloud Services are Increasingly Victimized
-- 94 percent of data center operators reported attacks
-- 90 percent of those reported operational expenses as a business impact
As more companies move their services to the cloud, they now have to be
wary of the shared risks and the potential for collateral damage.
This correlates directly to the types of companies being targeted by
attackers, with e-commerce and online gaming sites increasingly
targeted, according to survey results this year.
Mobile Providers Continue to be Reactive
-- 60 percent do not have visibility into the traffic on their
mobile/evolved packet cores
There has been limited improvement in visibility or investment in
detection and mitigation solutions specific to the mobile network
since the last survey. The economics of consumer subscriber networks
do not incent providers to implement security until a problem occurs.
The number of mobile devices, along with the sophistication and power
of these devices, continues to increase year over year. We believe it
is only a matter of time before botnets and DDoS become more
prevalent within mobile infrastructure.
Bring Your Own Device (BYOD) Trend Creates New Challenges
-- 63 percent allow BYOD devices on the network
-- However, only 40 percent have the means to monitor those devices
In the growing trend commonly referred to as BYOD, half of respondents
now allow personal devices on their networks. However, only 40
percent have a means to monitor usage of these devices. Additionally,
only 13 percent actively block access to social media applications
and sites. Clearly, BYOD is creating more entry points for hackers to
enter the network.
DNS Infrastructure Remains Vulnerable
-- 27 percent experienced customer-impacting DDoS attacks on their DNS
infrastructure -- a significant increase over the 12 percent of
respondents from last year's survey
71 percent of respondents reported good visibility at Layers 3 and 4
but only 27 percent reported Layer 7 visibility. This lack of
visibility coupled with a lack of dedicated security personnel create
an ideal environment for attackers to exploit. Attackers now have
many targets from which to create reflection attacks.
IPv6 Deployments Becoming Pervasive
-- 80 percent indicated that they either have already deployed IPv6 or
have plans to deploy within the next 12 months
In last year's WISR, survey respondents acknowledged the first reports
of IPv6 DDoS attacks on production networks. Even though IPv6 DDoS
attacks were being reported, IPv6 security incidents were still
relatively rare at that time. Considering that 75 percent of survey
respondents are Service Providers, it's no great surprise that IPv6
deployments are accelerating today. This opens new opportunities for
attackers to bypass network controls by switching between IPv4 and
IPv6 networks.
Additional Resources:
-- Download the full report here: http://www.arbornetworks.com/report
-- Visit the Arbor Networks blog for a summary of key findings:
http://www.arbornetworks.com/blog/report
-- Download WISR infographics found on the Arbor Networks Pinterest page:
http://pinterest.com/arbornetworks/
-- Visit the Arbor Networks SlideShare page to download the WISR
presentation: http://www.slideshare.net/Arbor_Networks
-- Follow @arbornetworks and the #WISR12 hashtag on Twitter for more key
findings
Survey Scope and Demographics
-- Data covers October 2011 through September 2012
-- 130 respondents from a mixture of Tier 1, Tier 2/3, enterprise and
other types of network operators from all around the world; a 14
percent increase from last year's respondent pool
-- 64 percent of respondents are network or security operations
engineers, analysts or architects; the remaining are management or
executives
About Arbor Networks
Arbor Networks, Inc. is a leading provider of
network security and management solutions for enterprise and service
provider networks, including the vast majority of the world's
Internet service providers and many of the largest enterprise
networks in use today. Arbor's proven network security and management
solutions help grow and protect customer networks, businesses and
brands. Through its unparalleled, privileged relationships with
worldwide service providers and global network operators, Arbor
provides unequalled insight into and perspective on Internet security
and traffic trends via the ATLAS(R) Active Threat Level Analysis
System. Representing a unique collaborative effort with 250+ network
operators across the globe, ATLAS enables the sharing of real-time
security, traffic and routing information that informs numerous
business decisions.
For technical insight into the latest security threats and Internet
traffic trends, please visit our website at arbornetworks.com and our
blog at http://ddos.arbornetworks.com.
Trademark Notice: Arbor Networks, Peakflow, ArbOS, How Networks Grow,
ATLAS, Pravail, Arbor Optima, Cloud Signaling, the Arbor Networks
logo and Arbor Networks: Smart. Available. Secure. are all trademarks
of Arbor Networks, Inc. All other brand names may be trademarks of
their respective owners.
Contact:
Arbor Networks
Kevin Whalen
Director, Corporate Communications
Direct: +1 978 703 6663
E: kwhalen@arbor.net
SOURCE: Arbor Networks
mailto:kwhalen@arbor.net
[ Back To Cisco News 's Homepage ]
|