2013-03-13 13:59:29 - Advanced Persistent Threats a Top Concern for Providers and Enterprises
Attack Sizes Plateau; Complex Multi-Vector Attacks on the Rise
Data Centers and Cloud Services are Increasingly Victimized
Mobile Operators Increase Capacity but Not Visibility
DUBAI, United Arab Emirates, March 13th, 2013 – Arbor Networks Inc., a leading provider of network security and management solutions for enterprise and service provider networks, released its 8th Annual Worldwide Infrastructure Security Report (WISR) offering a rare view into the most critical security challenges facing today’s network operators. Among the key findings this year, advanced persistent threats (APTs) are top of mind for both service providers and enterprises; distributed denial of service (DDoS) attacks have plateaued in size but become more complex; data center and cloud services are especially attractive targets; and mobile operators continue to be reactive in terms of network visibility. The report also covers the impact of BYOD as well as infrastructure issues such as VoIP
Based on survey data provided by network operators from around the world, this annual report is designed to help network operators make more informed decisions about their security strategies as they relate to the integrity of mission-critical Internet and other IP-based infrastructure. Arbor’s long-standing customer relationships and reputation as a trusted advisor and solution provider make this report possible each year.
Middle East IT security veteran Lakshman Nalvade states that the findings of the report accurately reflect the region's threat landscape. Mr. Lakshman, who is the Divisional Manager of Westcon Emerging Technologies, a value-added distributor for Arbor Networks in the Middle East, said, “DDoS attacks are becoming a prime concern for many enterprises in the Middle East. Consumers are demanding that more services be made available through online portals and attackers are recognizing the damage they can inflict upon the businesses by targeting these channels.”
He believes the WISR report can help CIOs and IT managers make better-informed decisions regarding their long-term IT plans: “Cloud computing is set to become the next big trend in the region, which is why telcos, government and private organizations are starting to closely examine the readiness of their networks both from the point of view of performance as well as security. The Arbor Network report is an excellent tool to help them identify the key areas that they need to focus upon.”
Advanced Persistent Threats (APTs) a Top Concern for Service Providers and Enterprises
61 percent named ‘botted’ or otherwise compromised hosts as top concern
55 percent named Advanced Persistent Threats (APTs) as top concern
Advanced threats are a well-established problem for enterprise network operators. This year’s survey found an increased level of concern over ‘botted’ or compromised machines on provider networks. The increase in botted hosts is not surprising given the number and complexity of malware variants that exist, their rate of evolution and the consequent inability of Intrusion Detection Systems (IDS) and Anti-Virus (AV) systems to fully protect them. Looking ahead, there is even more concern about APT, industrial espionage, data exfiltration and malicious insiders.
DDoS: Attack Sizes Plateau; Complex Multi-Vector Attacks on the Rise
Largest attack reported was 60 Gbps, same as 2011; 2010 attack peak was 100 Gbps
46 percent reported multi-vector attacks
This year’s results confirm that application-layer and multi-vector attacks are continuing to evolve while volumetric attacks are starting to plateau in terms of size. While 86 percent reported application-layer attacks targeting Web services, most concerning is that multi-vector attacks are up markedly. Attackers have now turned to sophisticated, long-lived, multi-vector attacks – combinations of attack vectors designed to cut through the defenses an organization has in place – to achieve their goals. Multi-vector attacks are the most difficult to defend against and require layered defenses for successful mitigation. This year’s report includes a case study on the ongoing attacks against U.S. financial services organizations, a great example of a multi-vector attack.
Data Centers and Cloud Services are Increasingly Victimized
94 percent of data center operators reported attacks
90 percent of those reported operational expenses as a business impact
As more companies move their services to the cloud, they now have to be wary of the shared risks and the potential for collateral damage. This correlates directly to the types of companies being targeted by attackers, with e-commerce and online gaming sites increasingly targeted, according to survey results this year.
Mobile Providers Continue to be Reactive
60 percent do not have visibility into the traffic on their mobile/evolved packet cores
There has been limited improvement in visibility or investment in detection and mitigation solutions specific to the mobile network since the last survey. The economics of consumer subscriber networks do not incent providers to implement security until a problem occurs.
The number of mobile devices, along with the sophistication and power of these devices, continues to increase year over year. We believe it is only a matter of time before botnets and DDoS become more prevalent within mobile infrastructure.
Bring Your Own Device (BYOD) Trend Creates New Challenges
63 percent allow BYOD devices on the network
However, only 40 percent have the means to monitor those devices
In the growing trend commonly referred to as BYOD, half of respondents now allow personal devices on their networks. However, only 40 percent have a means to monitor usage of these devices. Additionally, only 13 percent actively block access to social media applications and sites. Clearly, BYOD is creating more entry points for hackers to enter the network.
DNS Infrastructure Remains Vulnerable
27 percent experienced customer-impacting DDoS attacks on their DNS infrastructure—a significant increase over the 12 percent of respondents from last year’s survey
71 percent of respondents reported good visibility at Layers 3 and 4 but only 27 percent reported Layer 7 visibility. This lack of visibility, coupled with a lack of dedicated security personnel, creates an ideal environment for attackers to exploit. Attackers now have many targets from which to create reflection attacks.
IPv6 Deployments Becoming Pervasive
80 percent indicated that they either have already deployed IPv6 or have plans to deploy within the next 12 months
In last year’s WISR, survey respondents acknowledged the first reports of IPv6 DDoS attacks on production networks. Even though IPv6 DDoS attacks were being reported, IPv6 security incidents were still relatively rare at that time. Considering that 75 percent of survey respondents are Service Providers, it’s no great surprise that IPv6 deployments are accelerating today. This opens new opportunities for attackers to bypass network controls by switching between IPv4 and IPv6 networks.
Survey Scope and Demographics
Data covers October, 2011 through September, 2012
130 respondents from a mixture of Tier 1, Tier 2/3, enterprise and other types of network operators from all around the world; a 14 percent increase from last year’s respondent pool
64 percent of respondents are network or security operations engineers, analysts or architects; the remaining are management or executives
About Arbor Networks
Arbor Networks, Inc. is a leading provider of network security and management solutions for enterprise and service provider networks, including the vast majority of the world's Internet service providers and many of the largest enterprise networks in use today. Arbor's proven network security and management solutions help grow and protect customer networks, businesses and brands. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the ATLAS® Active Threat Level Analysis System. Representing a unique collaborative effort with 250+ network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions.
For technical insight into the latest security threats and Internet traffic trends, please visit our website at arbornetworks.com and our blog at ddos.arbornetworks.com
Trademark Notice: Arbor Networks, Peakflow, ArbOS, How Networks Grow, ATLAS, Pravail, Arbor Optima, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.
About Westcon Group
Westcon Group, Inc. is a value added distributor of category-leading unified communications, network infrastructure, data center and security solutions with a global network of specialty resellers. Westcon’s teams create unique programs and provide exceptional support to accelerate the business of its global partners. Strong relationships at every level of the Westcon Group organization enable partners to receive support tailored to their needs. From global logistics and flexible customized financing solutions to pre-sales, technical and engineering assistance, the company works with partners to respond with agility and speed to changing market conditions so they can achieve the fastest time to revenue.
For more information, please visit: www.westcongroup.com.
For more information, please contact
Westcon Middle East
Dubai - UAE
+971 (50) 6400762