Findings from the latest CSI Computer Crime & Security Survey revealed that DDoS incidents, including those delivering packet floods, are a growing concern for 2013 and beyond. The research also found that many IT managers are highly concerned about the rising size and the frequency of business-related DDoS attacks.
Such threats have become more frequent, dangerous and sophisticated over the years. They have not only caused data loss and device failures or crashes, but have also affected machine-to-machine (M2M) communications, mobile applications and the availability of websites.
Arbor Networks’ globally scoped threat analysis and monitoring system, the Active Threat Level Analysis System (ATLAS), which is intended to provide real-time attack statistics, shows that attacks are launched globally.
Arbor is a company that provides Internet-wide research (i.e., visibility into Internet traffic patterns and threat evolution) and product innovation; it delivers network security and management for the enterprise, service providers and the government.
Arbor just released its Q3 Global DDoS Attack Trends Data report of 2013 on DDoS size, which “shows that DDoS continues to be a global threat, with alarming increases in attack size this year.” It also notes that such incidents have picked up in volume and intensity over the past year.
“The report also highlights the importance of products and services to protect customers' infrastructure from current and future attacks,” said Darren Anstee, Solutions Architect for Arbor Networks. He also mentioned that DDoS incidents are getting harder to detect and identify, and even more difficult to stop.
As a provider of DDoS detection, prevention and mitigation, as well as advanced threat protection solutions, Arbor Networks brought to light the magnitude of such threats on an hourly basis, along with information gathered (shown in the key findings) by Arbor's Security Engineering & Response Team (ASERT).
The ASERT information and threat intelligence reads as follows: “In Q2, ATLAS monitored 47Tb/sec of peak IPv4 traffic. In Q3, that number rose 46 percent to 69Tb/sec.”
KEY FINDINGS: DDoS attack size is accelerating rapidly, as per findings on the global honeypot network, data from malware / attack tool research, and information from third-party security organizations.
54 percent of attacks so far this year are over 1Gb/sec; that’s up from 33 percent last year
37 percent of attacks so far this year are in the 2-10 Gb/sec range; this is up from 15 percent in 2012
44 percent growth in proportion of attacks over 10Gb/sec; this accounts for 4 percent of all attacks
More than 350 percent growth in the number of attacks monitored at over 20Gb/sec so far this year, compared with the whole of 2012
This year the average DDoS attack now stands at 2.64Gb/sec; that’s up 78 percent from 2012
87 percent of all attacks monitored so far this year last less than one hour
The largest monitored and verified attack size increased significantly to 191Gb/sec
The effects of DDoS can negatively impact business operations, services on the server and ultimately deny the availability of networked PC functions (to include mobility-driven devices) for legitimate users.
Therefore, it is vital for computer users to understand the risks and know how to prevent them -- such as setting up a firewall, utilizing packet filters on the router, implementing logging with ACLs, deploying IPS/IDS devices in front of the servers, and the installation of security software for DDoS protection and mitigation -- before it is too late and they become a victim.
The likelihood of these types of threats happening to a computer user is high. Users must never think they will not be a target; everyone is at risk. Preventing the attacks should be a priority for all.
It is crucial, IT security experts say, to be responsive and implement the necessary security hardware/software solutions ahead of time so as not to deal with a last minute crisis and have to figure out what needs to be done under pressure. With the right DDoS protection and strategy, one can deal with the malicious hacker who is attempting to find a loophole in the computer or network infrastructure where s/he has the ability to compromise systems or applications remotely.
At the end of the day, all end-users can be subjected to a DDoS incident, so by planning ahead, perhaps doing an information security risk assessment and preparing for such an occurrence in advance (to know how to react proactively and in a timely manner), one may survive the attack successfully.