Story image

Arbor Networks marks 20 years of DDoS attacks against ISPs

20 Sep 2016

Arbor Networks has marked a worrying celebration: 20 years of distributed denial-of-service (DDoS) attacks that have attacked ISP networks. For such a milestone, the company has aimed to raise further awareness of the crippling attacks.

The company says that in September 1996, a New York City ISP called Panix was taken offline for several days after a SYN flood denial-of-service attack. This event was only the start of the 20-year cycle, with experts at the time saying there's no solution to the problem.

However, researchers quickly got on the case. At the University of Michigan, the Defense Advanced Research Projects Agency (DARPA) got on the case to find a solution.

Arbor Networks has also evolved with the DDoS attack threats for the past 16 years, and the company says a lot has changed but networks are still as important as ever.

“Availability is the starting point for our connected world, and it raises the stakes for network operators, and those who attack them. We’ve gone from a time 20 years ago with no answers to a time today that requires DDoS solutions that were purpose-built for the scale and complexity of modern attacks,” explains Eric Jackson, vice president of product management at Arbor Networks.

Given that DDoS attacks have morphed and evolved, the company is asking enterprises and providers if they've kept up to date too. With infrastructure lacking visibility and defence, protection is critical to preventing attacks.

Firewalls, single protection layers, intrusion protection systems (IPS) and content delivery networks (CDNs) just aren't enough, particularly as firewalls and ISPs are often DDoS attack targets and CDN or cloud protection doesn't protect critical business applications.

The company says that there are four factors that are increasing as DDoS attacks evolve.

Size: Forget the small attacks in the late 1990s, now they can be massive - Arbor Cloud reported the mitigation of a 600Gbps attack, the biggest on its records. The company predicts the attack size will increase to a massive 1.15Gbps by the end of the year, which is enough to bring most enterprises offline.

Frequency: DDoS attacks are becoming more frequent - 2.5 times more over the span of just three years. Hacktivism, free tools and for-hire services are helping attack numbers grow.

Complexity: DDoS attacks have also become more complex, with multi-vectors that can attack applications, bandwidth, infrastructure and services all at the same time.

Arbor Networks believes that Hybrid protection is the way to go, and IHS Infonetics Research backs this up.

“For customers, the benefits of hybrid solutions are clear: on-premises mitigation (which has recently become much more affordable for even mainstream enterprises) allows them to deal with the constant hum of volumetric attacks in lower bandwidth ranges (10G or less) at a fixed cost. Hybrid solutions also provide great protection for non-volumetric, or non-saturation attacks (like many application-layer attacks). The on-premises solutions can be integrated with the rest of their security infrastructure to provide continuous attack coverage and insight into multi-vector attacks that leverage DDoS as a single vector in a larger attack," the research concludes.

Australians unsure of who is responsible for the safety of their information
According to a recent survey conducted by SOTI, Australians are increasingly concerned about the security of their health records.
Europol makes 61 arrests & nets €6.2 million in dark web crackdown
60 experts from 19 countries, Europol, and Eurojust were involved in hunting for activities including the illegal sale and signs of counterfeit goods and money, drugs, cybercrime, document fraud, non-cash payment fraud, trafficking in human beings and trafficking in firearms and explosives. 
The silver lining in Australia’s Government cloud strategy
Cloud has been a huge part of the ‘digital transformation’ conversation within Australian government during recent years.
Milestone: How video and IoT are finding their place in enterprise
Milestone Systems South Pacific country manager Jordan Cullis talks about three trends that will revolutionise the way video is viewed in 2019 and beyond.
Largest DDoS-for-hire websites responsible for 11% of attacks worldwide – Nexusguard
The FBI’s shutdown of the world’s 15 largest DDoS-for-hire “booter” websites in December resulted in 85% decrease in average attack sizes, year-over year.
Five things MSPs need to keep in mind in 2019
A Datto APAC channel exec outlines the most important factors for MSP to being paying attention to in the coming year.
Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.