Application-level attacks biggest concern for ISPs

Share this article:
IP network operators believe that distributed denial-of-service (DDoS) attacks against services and applications will cause them the most problems during the next 12 months, according to an annual report released Tuesday by network security firm Arbor Networks.

The fifth-annual report, which surveyed 132 respondents from North America, South America, Europe, Africa and Asia, found that 35 percent of respondents believe that service and application-level attacks, which are designed to exploit service weaknesses in vulnerable backend infrastructures, will cause the most disruptions this year, the report states. Botnets were the second largest operational threat, rated the primary concern for 21 percent of respondents.

“Over the last five to six years, the sheer volume of attacks was the biggest problem,” Craig Labovitz, chief scientist at Arbor Networks, told SCMagazineUS.com on Tuesday. “That might be beginning to change. This year, the attacks have started to level off, but there's also a shift to much more focused, targeted attacks against cloud infrastructure.”

Several respondents said their organization had experienced service-level attacks in the past year targeting their distributed domain name system (DNS) infrastructure, load balancer, or large-scale SQL server backend infrastructure, the report states. These attacks resulted in multihour outages of prominent internet services for some organizations.

In addition, bandwidth volume used in the largest DDoS attacks rose 22 percent last year, from 40 gigabytes per second in 2008 to 49 per second last year, the report states.

DDoS bandwidth growth seems to be slowing, however, compared to previous years, the report states. In the past, bandwidth use in the largest DDoS attacks had nearly doubled each year.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.