Cyber Security Institute

Thursday, January 31, 2013

DDoS attack sizes plateau, complex multi-vector attacks on the rise

Arbor Networks released its 8th Annual Worldwide Infrastructure Security Report (WISR) offering a rare view into the most critical security challenges facing today’s network operators. Based on survey data provided by network operators from around the world, this annual report is designed to help network operators make more informed decisions about their security strategies as they relate to the integrity of mission-critical Internet and other IP-based infrastructure. The increase in botted hosts is not surprising given the number and complexity of malware variants that exist, their rate of evolution and the consequent inability of Intrusion Detection Systems (IDS) and Anti-Virus (AV) systems to fully protect them.

DDoS: Attack sizes plateau; complex multi-vector attacks on the rise - The largest attack reported was 60 Gbps, the same as in 2011, and 46 percent reported multi-vector attacks.

This year’s results confirm that application-layer and multi-vector attacks are continuing to evolve while volumetric attacks are starting to plateau in terms of size. ... Attackers have now turned to sophisticated, long-lived, multi-vector attacks – combinations of attack vectors designed to cut through the defenses an organization has in place – to achieve their goals. ... This year’s report includes a case study on the ongoing attacks against U.S. financial services organizations, a great example of a multi-vector attack.

Data centers and cloud services are increasingly victimized - 94 percent of data center operators reported attacks, and 90 percent of those reported operational expenses as a business impact.

As more companies move their services to the cloud, they now have to be wary of the shared risks and the potential for collateral damage.

DNS infrastructure remains vulnerable - 27 percent experienced customer-impacting DDoS attacks on their DNS infrastructure, a significant increase over the 12 percent of respondents from last year’s survey. 71 percent of respondents reported good visibility at Layers 3 and 4 but only 27 percent reported Layer 7 visibility.


Posted on 01/31