Story image

Arbor Networks marks 20 years of DDoS attacks against ISPs

20 Sep 16

Arbor Networks has marked a worrying celebration: 20 years of distributed denial-of-service (DDoS) attacks that have attacked ISP networks. For such a milestone, the company has aimed to raise further awareness of the crippling attacks.

The company says that in September 1996, a New York City ISP called Panix was taken offline for several days after a SYN flood denial-of-service attack. This event was only the start of the 20-year cycle, with experts at the time saying there's no solution to the problem.

However, researchers quickly got on the case. At the University of Michigan, the Defense Advanced Research Projects Agency (DARPA) got on the case to find a solution.

Arbor Networks has also evolved with the DDoS attack threats for the past 16 years, and the company says a lot has changed but networks are still as important as ever.

“Availability is the starting point for our connected world, and it raises the stakes for network operators, and those who attack them. We’ve gone from a time 20 years ago with no answers to a time today that requires DDoS solutions that were purpose-built for the scale and complexity of modern attacks,” explains Eric Jackson, vice president of product management at Arbor Networks.

Given that DDoS attacks have morphed and evolved, the company is asking enterprises and providers if they've kept up to date too. With infrastructure lacking visibility and defence, protection is critical to preventing attacks.

Firewalls, single protection layers, intrusion protection systems (IPS) and content delivery networks (CDNs) just aren't enough, particularly as firewalls and ISPs are often DDoS attack targets and CDN or cloud protection doesn't protect critical business applications.

The company says that there are four factors that are increasing as DDoS attacks evolve.

Size: Forget the small attacks in the late 1990s, now they can be massive - Arbor Cloud reported the mitigation of a 600Gbps attack, the biggest on its records. The company predicts the attack size will increase to a massive 1.15Gbps by the end of the year, which is enough to bring most enterprises offline.

Frequency: DDoS attacks are becoming more frequent - 2.5 times more over the span of just three years. Hacktivism, free tools and for-hire services are helping attack numbers grow.

Complexity: DDoS attacks have also become more complex, with multi-vectors that can attack applications, bandwidth, infrastructure and services all at the same time.

Arbor Networks believes that Hybrid protection is the way to go, and IHS Infonetics Research backs this up.

“For customers, the benefits of hybrid solutions are clear: on-premises mitigation (which has recently become much more affordable for even mainstream enterprises) allows them to deal with the constant hum of volumetric attacks in lower bandwidth ranges (10G or less) at a fixed cost. Hybrid solutions also provide great protection for non-volumetric, or non-saturation attacks (like many application-layer attacks). The on-premises solutions can be integrated with the rest of their security infrastructure to provide continuous attack coverage and insight into multi-vector attacks that leverage DDoS as a single vector in a larger attack," the research concludes.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”