report to threats from all directions increases and drives an increased demand for managed security and incident management
The motives behind the attacks often show his “attack-muscle” in connection with extortion
Stockholm, January 26, 2016 – IT security company Arbor Networks, Inc., today announced the 11th Annual safety report: “Worldwide Infrastructure Security Report “, WISR). report reveals that IT security incidents such as network operators, government agencies and large enterprises worldwide, encountered during 2015. Among the incidents include among others the world’s largest denial of service attack (DDoS), which amounted to a full 500 Gbps. Otherwise, the report shows that virtually all types of IT threats increases significantly, and the most common motive is to flex its muscles to “show its attack capability” – something that is common in connection with, for example extortion.
– Among the respondents, it is a generally accepted fact that IT threats are constantly changing in different ways, says Arbor Networks security technical manager, Darren Anstee. The report provides insight into the problems that network operators worldwide are grappling with and underlines that technology is only one part of the problem and the solution. There are people who manage both technology and data and there are skilled people on both sides pitted against each other in the work on corporate security. Therefore, even insights about human behaviors important to analyze to create a complete picture of the security situation.
Top 5 – Trends denial of service attacks (DDoS)
- The motives behind cyber attacks change : In 2015, was the primary motivation is not so-called “hacktivism”, or vandalism, but can be described as “criminals who demonstrate their attack capability”, which is usually associated with attempts to blackmail online.
- Growth in the attack magnitude continues: The largest reported the attack included 500 Gbit / s, and others have also had reported 450 Gbit / s, 425 Gbit / s and 337 Gbit / s. During all the 11 years this survey has been conducted, the size of the largest of reported attacks has grown by over 60 times.
- Complex attacks are on the rise: 56 percent of respondents reported the multi-vector attacks attacking infrastructure, applications and services simultaneously. This is an increase from last year’s 42 percent. 93 percent reported DDoS attacks on the application layer. The services which often is the target of application layer attacks is now DNS (rather than HTTP).
- Clouds under attack : Two years ago subjected 19 percent of respondents to attacks against its cloud-based services. This figure rose to 29 percent last year and 33 percent this year – a clear trend. In fact, 51 percent of all data center operators reported that DDoS attacks led to their Internet connections became overloaded. The number of data centers that experienced outbound attacks from servers within their own networks also rose sharply, from 24 percent last year to 34 percent.
- Firewalls have continued problems to resist DDoS attacks: More than half of business respondents reported that their firewall stopped working on the founding of DDoS attacks, which is an increase by one third the year before. Firewalls provides an interface from attacks and consequently is often the first thing that will stop working when DDoS attacks. Because of how the firewall location in the network, they can also make the network more slowly.
Top 5 – Trends among advanced threats
- Focus on better response : 57 percent of companies want to implement solutions that can accelerate incident response. Among the service providers had a third reduced the time it takes to discover an advanced, persistent threats (“Advanced Persistent Threat”, APT) in its network to over a week, and 52 percent said that the time between detection and control has been reduced to less than one month.
- Better planning : In 2015, the share of business respondents with developed incident response plans, and to put at least some resources to respond to such incidents, from about two-thirds last year to 75 percent year.
- Insiders in focus: The share of corporate respondents who experience adverse insiders have gone up to 17 per cent this year (compared to 12 percent last year). Nearly 40 percent of all business respondents still lack the means to monitor the private entities that are used in the job (Bring Your Own Device, BYOD) on the network. The proportion that reported security incidents related to BYOD doubled, from 6 percent last year to 13 percent.
- Staffing : A significant reduction occurred among those who wish to expand their internal resources with the objective of improve preparedness and response to incidents from 46 to 38 percent.
- Increased demand for external support: Lack of internal resources has led to an increase in the use of managed services and outsourced support. 50 percent of companies say they have engaged external organizations for its incident response. This is 10 percent higher than among service providers. Among the service providers reported 74 percent they have experienced increased client demand for managed services.
survey the extent and demographics
- 354 responses, up from 287 last year, with a mix of service providers, hosting mobile, corporate and other types of network operators worldwide.
- As in previous years, the majority of responses (52 percent) from the service provider organizations.
- For the first time in this investigation’s 11-year history, nearly half of the replies (48 per cent) from other types of organizations that gave a more diverse picture of different types of networks. This is an increase from 40 percent in 2014 and 25 percent five years ago.
- Organisations are well represented, with 38 percent of the total number of respondents. The remaining respondents (non-service providers) are departments (6 percent) and stakeholders in education (4 percent).
- The collected data covering November 2014 through November 2015
Additional resources:
- Download the full report here (registration required)
- Attend this webbinareserie to get more information about the main WISR conclusions – for the main DDoS- conclusions, sign up here; the main conclusions regarding the advanced threats, sign up here
- Visit the Arbor Networks blog and read a summary of the main conclusions
- Download WISR-infographics from Arbor Networks Pinterest -page
- Visit the Arbor Networks SlideShare -page to download WISR presentation
- Like us through Facebook and follow the arbornetworks and #WISR hashtag on Twitter for important conclusions
Arbor Networks
Arbor Networks, NETSCOUT of Security, will help protect the world’s largest enterprise and service provider networks against DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection market segments for enterprise, telecom and mobile operators, according to Infonetics Research. Arbors protection solutions against advanced threats provides comprehensive visibility into networks, thanks to a combination of packet capture and NetFlow technology, which enables fast identification and mitigering of malware and attacks from the inside. Arbor also supplies market analyzes for dynamic incident response, history, analysis, visualization and forensics. Arbor strives to be a “styrkemultiplikator” and make network and security teams to experts. Our goal is to provide a more detailed insight into the networks and a better security environment so customers can resolve problems more quickly, thereby reducing the company’s security risks.
Learn more about Arbors products and services arbornetworks.com and follow us on Twitter ArborNetworks . Arbors research, analyzes, knowledge and data from the ATLAS global hotinformationssystem are ATLAS Threat Portal .
If brands: Arbor Networks, the Arbor Networks logo and ATLAS are trademarks belongs to Arbor Networks, Inc. Other brand names may be trademarks of their respective owners.
Contact:
The Northern Link PR for Arbor Networks
Jan Fredriksson
070 716 00 68
jan@nlpr.se
Arbor Networks
Kevin Whalen
781-362-4377
kwhalen@arbor.net
No comments:
Post a Comment