Your Network Under Attack – How the DDoS Threat Is Growing

IT infrastructure that's been knocked offline by malicious attacks is the stuff of IT managers' nightmares. Unfortunately, it's becoming a reality for an increasing number of organisations.

That's according to the latest Worldwide Infrastructure Security Report by network security firm Arbor Networks.

DDoS attacks on the rise

The report's authors quizzed security and networking professionals about the size and prevalence of DDoS attacks seen over the past year. The report found that DDoS attacks had grown larger and more frequent.

Most attacks were volumetric – seeking to knock the targets offline by generating vast volumes of unwanted traffic.

Survey respondents reported a marked increase in the scale of the larger attacks. In 2014, a fifth of service providers reported seeing an attack over 50Gbps. By 2015, a quarter of service providers reported seeing attacks over 100Gbps.

While the largest DDoS attack generated a reported 500 Gbps of traffic, most attacks were far smaller.The mean attack size was just 760Mbps – a far lower figure, but enough to make most servers unreachable or to make an office's Internet connection unusable.

Who is most at risk?

Two thirds of DDoS attacks were against ordinary businesses, not IT service providers. According to the service providers surveyed:

• 66 per cent of attacks targeted customers
• 19 per cent of attacks targeted service infrastructure
• 17 per cent of attacks targeted network infrastructure
• 10 per cent of attacks had other targets

Some attacks had multiple targets, so these figures add up to more than 100 per cent.

More than half of data centre operators (51 per cent) said they had been victims of attacks that had “completely saturated their internet connectivity”, up from 35 per cent in 2014. However, the good news is that the number of DDoS attacks against data centres is actually declining - with 55 per cent reporting problems in 2015, compared to around 66 per cent in 2014 and 71 per cent in 2013.

But attacks against service providers are on the up. Some 44 per cent reported more than 21 DDoS attacks a month, a jump from 38 per cent the prior year.

The effects of a DDoS on your business or organisation

The key effect for ordinary businesses and organisations, classed as Enterprise, Government and Education (EGEs) by Arbor Networks, was the cost of fighting off the attacks and the loss of revenues suffered as a result. There is also the added damage to their brand or reputation if successful attacks are publicised.

More than a third of EGEs said they had suffered attacks during 2015, and the figure climbed to 45 per cent for banking groups and 43 per cent for government organisations.

UK businesses are among attackers' key international targets. Despite being home to just one per cent of the global population, Britain suffered an estimated 4.2 per cent of the world’s DDoS attacks last year.

The challenge of fighting back

More than half of the EGEs that responded to the survey said their firewall or Intrusion Prevention System (IPS) devices had been overwhelmed during a DDoS attack.

These weren't the only lines of defence available, however. An increasing proportion of respondents now use intelligent DDoS mitigation systems (IDMS). Around 43 per cent utilise this option, a rise of 10 per cent on 2014.

Despite this increased sophistication, only a quarter of EGEs were able to mitigate DDoS attacks in less than 15 minutes.

Attack durations have remained broadly similar over the past few years – with 91% of DDoS attacks lasting less than an hour. But the frequency of these attacks has increased.

In part two, we'll look at what you can do to protect yourself against DDoS attacks.