DDoS Attack Volume on the Rise
Arbor's 10th Annual Worldwide Infrastructure Security Report points to the growing attack bandwidth and application layer attacks.The attack landscape has shifted over the last 10 years, with attackers increasingly going after applications, according to Arbor Networks' 10th Annual Worldwide Infrastructure Security Report (WISR). The new study is based on responses from 287 service providers, including hosting, mobile, enterprise and global network operators. "Looking back to our first report 10 years ago, 90 percent of respondents saw volumetric DDoS [distributed denial-of-service] attacks on their networks," Gary Sockrider, solutions architect at Arbor Networks, told eWEEK. "This year, 90 percent saw application-layer DDoS attacks, which weren't even being discussed back then." DDoS attacks have also grown in terms of the attack bandwidth volume in recent years. The Arbor report found that the largest DDoS attack in 2014 reached a peak of 400G bps. In contrast, the largest attack in 2004 was only 8G bps. Large-bandwidth attacks are also becoming more common, with Sockrider noting that 159 DDoS events in 2014 exceeded 100G bps. Organizations typically leverage firewall technology to help mitigate security risks; however, the Arbor report found that one-third of organizations had firewalls that failed due to a DDoS incident. Unfortunately, many organizations are still using firewalls and intrusion prevention systems (IPSes) to defend against DDoS attacks, Sockrider said.
"Since these devices typically maintain state tables for the traffic passing through them, they become the victim of state exhaustion DDoS attacks," he said. "One positive trend we saw this year was the increased use of Intelligent DDoS Mitigation Systems to protect the firewalls and other infrastructure from these kinds of attacks."