sb-nz logo
Story image

Arbor Networks marks 20 years of DDoS attacks against ISPs

20 Sep 2016

Arbor Networks has marked a worrying celebration: 20 years of distributed denial-of-service (DDoS) attacks that have attacked ISP networks. For such a milestone, the company has aimed to raise further awareness of the crippling attacks.

The company says that in September 1996, a New York City ISP called Panix was taken offline for several days after a SYN flood denial-of-service attack. This event was only the start of the 20-year cycle, with experts at the time saying there's no solution to the problem.

However, researchers quickly got on the case. At the University of Michigan, the Defense Advanced Research Projects Agency (DARPA) got on the case to find a solution.

Arbor Networks has also evolved with the DDoS attack threats for the past 16 years, and the company says a lot has changed but networks are still as important as ever.

“Availability is the starting point for our connected world, and it raises the stakes for network operators, and those who attack them. We’ve gone from a time 20 years ago with no answers to a time today that requires DDoS solutions that were purpose-built for the scale and complexity of modern attacks,” explains Eric Jackson, vice president of product management at Arbor Networks.

Given that DDoS attacks have morphed and evolved, the company is asking enterprises and providers if they've kept up to date too. With infrastructure lacking visibility and defence, protection is critical to preventing attacks.

Firewalls, single protection layers, intrusion protection systems (IPS) and content delivery networks (CDNs) just aren't enough, particularly as firewalls and ISPs are often DDoS attack targets and CDN or cloud protection doesn't protect critical business applications.

The company says that there are four factors that are increasing as DDoS attacks evolve.

Size: Forget the small attacks in the late 1990s, now they can be massive - Arbor Cloud reported the mitigation of a 600Gbps attack, the biggest on its records. The company predicts the attack size will increase to a massive 1.15Gbps by the end of the year, which is enough to bring most enterprises offline.

Frequency: DDoS attacks are becoming more frequent - 2.5 times more over the span of just three years. Hacktivism, free tools and for-hire services are helping attack numbers grow.

Complexity: DDoS attacks have also become more complex, with multi-vectors that can attack applications, bandwidth, infrastructure and services all at the same time.

Arbor Networks believes that Hybrid protection is the way to go, and IHS Infonetics Research backs this up.

“For customers, the benefits of hybrid solutions are clear: on-premises mitigation (which has recently become much more affordable for even mainstream enterprises) allows them to deal with the constant hum of volumetric attacks in lower bandwidth ranges (10G or less) at a fixed cost. Hybrid solutions also provide great protection for non-volumetric, or non-saturation attacks (like many application-layer attacks). The on-premises solutions can be integrated with the rest of their security infrastructure to provide continuous attack coverage and insight into multi-vector attacks that leverage DDoS as a single vector in a larger attack," the research concludes.

Story image
Cybersecurity market continues meteoric ascent
With the increase in cyberattacks, organisations are continuing to spend more money on security. However, without a focused cybersecurity strategy, they often spend it in the wrong areas.More
Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Story image
Why IT and HR must work together to help businesses weather the storm
Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation, writes Gigamon manager for A/NZ George Tsoukas.More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
Kiwis dont care enough about cybersecurity
New Zealanders are not adjusting their behaviours around cybersecurity fast enough.More