Arbor Networks' Research Finds 36% Increase in Advanced Persistent Threats and Attacks against Mobile Networks Doubled
BURLINGTON, Mass., January 28, 2014 – Arbor Networks, Inc. today released its 9th Annual Worldwide Infrastructure Security Report (WISR) offering a rare view into the most critical security challenges facing today's network operators. Based on survey data provided by service provider, enterprise, cloud, hosting and other network operators from around the world, this annual report provides a real-world view of the security threats that organizations face and the strategies they adopt to address them.
Arbor's long-standing customer relationships and reputation as a trusted advisor and solution provider make this report possible each year. Click here (registration required) to access the Arbor Networks 9th Annual Worldwide Infrastructure Security Report.
"From the ISP to the enterprise, IT and security teams are facing a dynamic threat landscape and very skilled and patient adversaries. Our ninth annual report showcases that very clearly," said Matthew Moynahan, president of Arbor Networks. "There is no single, magic bullet solution and it is a mistake to think technology alone can secure a network. Multi-layered defenses are clearly needed, but so is a commitment to best practices for people and process."
Internal Network and Advanced Persistent Threats
- Respondents ranked botted hosts as their number one concern
- The proportion of respondents seeing APTs on their networks has increased from 22 percent to 30 percent year over year
- 57 percent of survey respondents do not have a solution deployed to identify employee-owned devices accessing the corporate network
DDoS attacks against mobile networks more than doubled
- Nearly a quarter of those respondents offering mobile services indicated that they have seen DDoS attacks impacting their mobile Internet (Gi) infrastructure. This represents more than double the proportion seen last year
- More than 20 percent offering mobile services indicated that they have suffered a customer-visible outage due to a security incident, down slightly from about one-third last year
Application-layer attacks have become ubiquitous
- Application-layer attacks are now common with almost all respondents indicating they have seen them during this survey period
- Continued strong growth in application-layer attacks targeting encrypted Web services (HTTPS) - up 17 percent over last year
Dramatic Rise in DDoS Attack Size
- In all previous years of the survey, the largest reported attack was 100 Gbps. This year, attacks peaked at 309 Gbps and multiple respondents reported attacks larger than 100 Gbps
Data centers are a magnet for DDoS attacks
- More than 70 percent operating data centers reported DDoS attacks this year, up dramatically from under a half last year
- More than a third experienced attacks that exceeded total available Internet connectivity, nearly double last year
- About 10 percent saw more than 100 attacks per month
DNS infrastructure remains vulnerable
- Just over one-third experienced customer-impacting DDoS attacks on DNS infrastructure—an increase from a quarter last year
- More than a quarter indicated that there is no security group within their organizations with formal responsibility for DNS security, up from 19 percent last year. This increase is surprising given the number of high-profile DNS reflection/amplification attacks that were seen during the survey period.
Survey Scope & Demographics
- 220 responses, up from 130 last year, from a mix of Tier 1 and Tier 2/3 service providers, hosting, mobile, enterprise and other types of network operators from around the world
- More than 68 percent of respondents this year are service providers, giving us a global view into the traffic and threats targeting their networks, services and customers
- Data covers November, 2012 through October, 2013
- Download the full report here (registration required)
- Attend this webinar for a deeper dive on the WISR key findings
- Visit the Arbor Networks blog for a summary of key findings
- Download WISR infographics on the Arbor Networks Pinterest page
- Visit the Arbor Networks SlideShare page to download the WISR presentation
- Follow @arbornetworks and the #WISR14 hashtag on Twitter for more key findings
About Arbor Networks
Arbor Networks, Inc. helps secure the world's largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world's leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor's advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a "force multiplier," making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.
To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor's research, analysis and insight, together with data from the ATLAS® global threat intelligence system, can be found at the ATLAS Threat Portal.
Trademark Notice: Arbor Networks, Peakflow, ArbOS, ATLAS, Pravail, Arbor Cloud, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.