Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, February 09, 2012

Service providers lack confidence in LEAs

Arbor Networks’ 7th annual Worldwide Infrastructure Security Report presents a view of 2011 security through the eyes of the providers: ISPs, hosting companies, and service providers. “Ideology was the most common factor for DDoS in 2011,” it notes, “followed by a desire to vandalize.”  Since we have seen hacktivists willing to issue a general ‘call to arms’ and even provide the tools to take part in attacks, it represents, concludes Arbor, ‘a sea-change in the risk-assessment model’ for both network operators and their customers.

They are still rare, indicating that the slow uptake of IPv6 makes it “not yet economically or operationally significant enough to warrant serious attention by the Internet criminal underground.”

However, there has been a significant increase in large flood-based attacks in excess of 10 Gbps, constituting “an extremely serious threat to network infrastructure and ancillary support services such as DNS, not to mention end-customer properties.”

Two things that might surprise network customers are the providers’ concern over the effectiveness of stateful firewalls, IPS and load-balancing devices in the face of DDoS attacks, and what Arbor describes as the “perennial disengagement of most network operators from law enforcement.”

On law enforcement, network operators lack confidence in LEA’s ability and willingness to investigate online attacks, and “evince strong dissatisfaction with current governmental efforts to protect critical infrastructure.”

Posted on 02/09