SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Arbor Networks marks 20 years of DDoS attacks against ISPs
Tue, 20th Sep 2016

Arbor Networks has marked a worrying milestone: 20 years of distributed denial-of-service (DDoS) attacks against ISP networks. The company is using the occasion to raise further awareness of the crippling attacks.

The company says that in September 1996, a New York City ISP called Panix was taken offline for several days after a SYN flood denial-of-service attack. This event was only the start of the 20-year cycle, with experts at the time saying there was no solution to the problem.

However, researchers quickly got on the case: at the University of Michigan, the Defense Advanced Research Projects Agency (DARPA) set out to find a solution.

Arbor Networks has also evolved alongside DDoS attack threats for the past 16 years. The company says a lot has changed, but networks are still as important as ever.

“Availability is the starting point for our connected world, and it raises the stakes for network operators, and those who attack them. We've gone from a time 20 years ago with no answers to a time today that requires DDoS solutions that were purpose-built for the scale and complexity of modern attacks,” explains Eric Jackson, vice president of product management at Arbor Networks.

Given that DDoS attacks have morphed and evolved, the company is asking enterprises and providers if they've kept up to date too. With infrastructure lacking visibility and defence, protection is critical to preventing attacks.

Firewalls, single protection layers, intrusion protection systems (IPS) and content delivery networks (CDNs) just aren't enough, particularly as firewalls and ISPs are often DDoS attack targets and CDN or cloud protection doesn't protect critical business applications.

The company says that there are four factors that are increasing as DDoS attacks evolve.

Size: Forget the small attacks of the late 1990s; now they can be massive - Arbor Cloud reported the mitigation of a 600Gbps attack, the biggest on its records. The company predicts the attack size will increase to a massive 1.15Gbps by the end of the year, which is enough to bring most enterprises offline.

Frequency: DDoS attacks are becoming more frequent - 2.5 times more over the span of just three years. Hacktivism, free tools and for-hire services are helping attack numbers grow.

Complexity: DDoS attacks have also become more complex, with multi-vector attacks that can hit applications, bandwidth, infrastructure and services all at the same time.

Arbor Networks believes that hybrid protection is the way to go, and IHS Infonetics Research backs this up.

“For customers, the benefits of hybrid solutions are clear: on-premises mitigation (which has recently become much more affordable for even mainstream enterprises) allows them to deal with the constant hum of volumetric attacks in lower bandwidth ranges (10G or less) at a fixed cost. Hybrid solutions also provide great protection for non-volumetric, or non-saturation attacks (like many application-layer attacks). The on-premises solutions can be integrated with the rest of their security infrastructure to provide continuous attack coverage and insight into multi-vector attacks that leverage DDoS as a single vector in a larger attack,” the research concludes.