Study: Internet service providers facing more, larger threats

Internet service providers (ISPs) are facing more security threats, while attacks are becoming larger and more sophisticated.

That finding is from Arbor Networks' Worldwide Infrastructure Security Report, released Tuesday. The report compiles survey responses from 66 lead security engineers from North America, South America, Europe and Asia. They were asked questions relating to internet security threats and engineering challenges occurring between August 2007 and July 2008.

The scale of attacks has been growing steadily since 2001, but this year's largest reported distributed denial-of-service (DDoS) attack reached 40 gigabits per second against a single target, the report states. That incident was related to a fraudulent investment scheme.

In last year's report, the largest sustained DDoS attack was 24 gigabits. In 2001, the largest was only 400 megabits per second. This year's largest attack represents a 100-fold increase over 2001, the report states.

An attack of this size is significant because most individual core internet backbone links -- those that connect ISP data centers and networks internally and are used to interconnect with other networks -- contain no more than 10 gigabits of capacity.

Attacks of 40 gigabits not only overwhelm the target, but also cause collateral damage to other network services and customers connected to that same network equipment and facilities, Danny McPherson, vice president and chief security officer at Arbor Networks, said on Tuesday.

As the scale and type of attacks have grown, they have become more sophisticated and harder to mitigate, the report states. Several ISPs reported having sustained attacks that left them with multihour outages due to the sophistication of the attack.

“Surprisingly, over 30 percent of respondents reported needing more than an hour to mitigate an attack, even after it has been detected,” the report states.

In previous years, respondents said they focused most of their security efforts on combating DDoS attacks, but this year additional threats were recognized. ISPs said they were highly concerned about domain name spoofing attacks, Border Gateway Protocol (BGP) hijacking and spam.

McPherson said enterprises should have a disaster recovery plan that includes finding ways to communicate with ISPs to mitigate attacks, even if email is down.

“Enterprises should take away [the understanding] that with the size of these attacks, you can't mitigate these yourselves,” McPherson said.

ISPs now frequently offer managed security services that customers should take advantage of, he said.
