Businesses Face Huge Upturn in DDoS Attacks

The size, complexity and frequency of cyber-attacks continues to rise, with customer infrastructure and data centres becoming prime targets and the average distributed denial of service (DDoS) attack now 50 times bigger than it was a decade ago, according to Arbor Networks.

The company, which monitors a third of Internet traffic worldwide, has issued its 10th annual Worldwide Infrastructure Security Report (WISR) on the most critical security challenges facing today’s businesses and the best strategies to fight against them.

Key findings from the report include:

  • Attackers are becoming more targeted: The majority of organisations targeted are customer facing services and applications, with nearly half of organisations surveyed indicating that they saw attacks against their infrastructure.
  • The threat landscape has evolved: The largest DDoS attack reported in 2014 was 400 gigabits per second (gbps); while 10 years ago the largest reported attack was only 8gbps.
  • Security incidents are up but enterprises are not fully prepared to respond: Just over one third of respondents indicated an increase in security incidents this year.
  • Reputational damage is more apparent: Nearly 40% of respondents indicated reputational damage or customer loss due to a DDoS attack.
  • Application-layer attacks were experienced by 90% of respondents in 2014: A decade ago, 90% of respondents cited simple “brute force” flood attacks as the most common attack vector.
  • The human element continues to be a factor in defensive capabilities: This is true not just today, but throughout the last 10 years of WISR reporting. In the past year alone, 59% of respondents reported difficulty hiring and retaining skilled personnel within their security organisations.

“In 2004, the corporate world was on watch for self-propagating worms like Slammer and Blaster that devastated networks the year before; and, data breaches were most likely carried out by employees who had direct access to data files,” said Arbor Networks director of solutions architects Darren Anstee.

“Today, organisations have a much wider and more sophisticated range of threats to worry about, and a much broader attack surface to defend. The business impact of a successful attack or breach can be devastating – the stakes are much higher now.”


Related reading