Story image

Arbor Networks marks 20 years of DDoS attacks against ISPs

20 Sep 2016

Arbor Networks has marked a worrying celebration: 20 years of distributed denial-of-service (DDoS) attacks that have attacked ISP networks. For such a milestone, the company has aimed to raise further awareness of the crippling attacks.

The company says that in September 1996, a New York City ISP called Panix was taken offline for several days after a SYN flood denial-of-service attack. This event was only the start of the 20-year cycle, with experts at the time saying there's no solution to the problem.

However, researchers quickly got on the case. At the University of Michigan, the Defense Advanced Research Projects Agency (DARPA) got on the case to find a solution.

Arbor Networks has also evolved with the DDoS attack threats for the past 16 years, and the company says a lot has changed but networks are still as important as ever.

“Availability is the starting point for our connected world, and it raises the stakes for network operators, and those who attack them. We’ve gone from a time 20 years ago with no answers to a time today that requires DDoS solutions that were purpose-built for the scale and complexity of modern attacks,” explains Eric Jackson, vice president of product management at Arbor Networks.

Given that DDoS attacks have morphed and evolved, the company is asking enterprises and providers if they've kept up to date too. With infrastructure lacking visibility and defence, protection is critical to preventing attacks.

Firewalls, single protection layers, intrusion protection systems (IPS) and content delivery networks (CDNs) just aren't enough, particularly as firewalls and ISPs are often DDoS attack targets and CDN or cloud protection doesn't protect critical business applications.

The company says that there are four factors that are increasing as DDoS attacks evolve.

Size: Forget the small attacks in the late 1990s, now they can be massive - Arbor Cloud reported the mitigation of a 600Gbps attack, the biggest on its records. The company predicts the attack size will increase to a massive 1.15Gbps by the end of the year, which is enough to bring most enterprises offline.

Frequency: DDoS attacks are becoming more frequent - 2.5 times more over the span of just three years. Hacktivism, free tools and for-hire services are helping attack numbers grow.

Complexity: DDoS attacks have also become more complex, with multi-vectors that can attack applications, bandwidth, infrastructure and services all at the same time.

Arbor Networks believes that Hybrid protection is the way to go, and IHS Infonetics Research backs this up.

“For customers, the benefits of hybrid solutions are clear: on-premises mitigation (which has recently become much more affordable for even mainstream enterprises) allows them to deal with the constant hum of volumetric attacks in lower bandwidth ranges (10G or less) at a fixed cost. Hybrid solutions also provide great protection for non-volumetric, or non-saturation attacks (like many application-layer attacks). The on-premises solutions can be integrated with the rest of their security infrastructure to provide continuous attack coverage and insight into multi-vector attacks that leverage DDoS as a single vector in a larger attack," the research concludes.

Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.