Cyber-attacks are becoming more difficult to defend against and are expensive to mitigate, according to a recent survey from F5 Networks.
Attackers are increasingly
hitting networks and applications while organizations are struggling to
mitigate the effects of the attack using traditional defenses, according to the
latest survey from F5 Networks.
About a third of the
respondents of the survey of senior IT managers in 1,000 organizations around
the world said that traditional defenses were not able to protect against
complex blended threats, F5 Networks said in a report released Nov. 7. The
"most worrisome" threat reported by the IT managers was that existing
defenses had trouble defending against four out of the top five types of
attack, according to the report.
Attacks are getting more
difficult and expensive to defend, Alan Murphy, senior technical marketing
manager for F5 Networks, told eWEEK.
Domain Name Server (DNS) attacks were the most frequent type of attacks faced
by organizations, the most difficult to defend against and had the highest
impact on enterprises, the survey found.
"There haven't been a
lot of changes in the DNS architecture since it was originally designed,"
Murphy said. DNS attacks included denial of service, domain spoofing and cache
poisoning to divert users to malicious sites, according to Murphy.
Other types of attacks that
were difficult for enterprises to defend against included network-layer
denial-of-service attacks, improperly accessing encrypted data, misconfigured
systems and application layer denial-of-service attacks, according to the
survey. Adversaries were increasingly launching cross-site scripting, SQL
injection, cross-site request forgery and directory traversal attacks against
organizations, the survey found.
About 38 percent of the survey
respondents said traditional defenses performed less than "somewhat
well" in protecting against complex, blended threats, F5 said. More than
half, or 53 percent, of the respondents also said there was a network
performance impact from these security safeguards.
"fall short" because threats are constantly evolving, according to
Murphy. About 42 percent of the survey respondents said a firewall failed
during a network-layer denial-of-service attack in the past 12 months,
according to F5 Networks. About 36 percent claimed the firewall failed during
an application-level denial-of-service attack.
All the organizations that
were breached in the survey claimed to have suffered some kind of loss,
including stolen funds and data, regulatory fines, loss of customer trust, lost
revenue and lost productivity. Organizations typically lost $682,000 in the
past 12 months, Murphy said.
Just encrypting the data was
not sufficient, since organizations needed to control how the data was being
accessed, Murphy said. Toward that end, 92 percent of the survey participants
said they consider application delivery controllers (ADC) an appropriate
alternative to traditional security products, F5 Networks found. According to
survey results, 74 percent said they are deploying ADCs for application
security and about the same number are implementing them for access control.
Approximately 64 percent rely on ADCs for traffic-inspection-based security,
the survey found.
Organizations need to have
context to understand network traffic. To be able to properly deliver
applications on the network, the IT department has to know who is accessing the
network or data, from where it is being accessed and what kind of device is
being used, he said.
In the case of a denial-of-service
attack on a DNS server or on the network, it is hard to mitigate if the IT
department can't correlate the various streams and identify them as part of a
single attack, Murphy said.