Arbor Networks’ Research Finds 36% Increase in Advanced Persistent Threats and Attacks against Mobile Networks Doubled
January 2014 by Arbor Networks
Arbor Networks, Inc. released its 9th Annual Worldwide Infrastructure Security Report (WISR) offering a rare view into the most critical security challenges facing today’s network operators. Based on survey data provided by service provider, enterprise, cloud, hosting and other network operators from around the world, this annual report provides a real-world view of the security threats that organisations face and the strategies they adopt to address them.
Arbor’s long-standing customer relationships and reputation as a trusted advisor and solution provider make this report possible each year. Click here (registration required) to access the Arbor Networks 9th Annual Worldwide Infrastructure Security Report.
“From the ISP to the enterprise, IT and security teams are facing a dynamic threat landscape and very skilled and patient adversaries. Our ninth annual report showcases that very clearly,” said Matthew Moynahan, president of Arbor Networks. “There is no single, magic bullet solution and it is a mistake to think technology alone can secure a network. Multi-layered defences are clearly needed, but so is a commitment to best practices for people and process.”
Internal Network and Advanced Persistent Threats
· Respondents ranked botted hosts as their number one concern
· The proportion of respondents seeing APTs on their networks has increased from 22 percent to 30 percent year over year
· 57 percent of survey respondents do not have a solution deployed to identify employee-owned devices accessing the corporate network
DDoS attacks against mobile networks more than doubled
· Nearly a quarter of those respondents offering mobile services indicated that they have seen DDoS attacks impacting their mobile Internet (Gi) infrastructure. This represents more than double the proportion seen last year.
· More than 20 percent offering mobile services indicated that they have suffered a customer-visible outage due to a security incident, down slightly from about one-third last year.
Application-layer attacks have become ubiquitous
· Application-layer attacks are now common with almost all respondents indicating they have seen them during this survey period.
· Continued strong growth in application-layer attacks targeting encrypted Web services (HTTPS) - up 17 percent over last year.
Dramatic Rise in DDoS Attack Size
· In all previous years of the survey, the largest reported attack was 100 Gbps. This year, attacks peaked at 309 Gbps and multiple respondents reported attacks larger than 100 Gbps.
Data centers are a magnet for DDoS attacks
· More than 70 percent operating data centers reported DDoS attacks this year, up dramatically from under a half last year.
· More than a third experienced attacks that exceeded total available Internet connectivity, nearly double last year.
· About 10 percent saw more than 100 attacks per month.
DNS infrastructure remains vulnerable
· Just over one-third experienced customer-impacting DDoS attacks on DNS infrastructure—an increase from a quarter last year.
· More than a quarter indicated that there is no security group within their organisations with formal responsibility for DNS security, up from 19 percent last year. This increase is surprising given the number of high-profile DNS reflection/amplification attacks that were seen during the survey period.
Survey Scope & Demographics
· 220 responses, up from 130 last year, from a mix of Tier 1 and Tier 2/3 service providers, hosting, mobile, enterprise and other types of network operators from around the world.
· More than 68 percent of respondents this year are service providers, giving us a global view into the traffic and threats targeting their networks, services and customers.
· Data covers November, 2012 through October, 2013