Distributed denial of service (DDoS) attacks are growing in size, frequency and complexity, according to the latest Annual Infrastructure Report from Arbor Networks.
The security vendor’s 10th Annual Worldwide Infrastructure Security Report (WISR) highlights how the largest reported attack of the year was a was a whopping 400Gbps, some fifty times the size of the biggest attack noted in the 2004 report. With another nine events logged at over 100Gbps over the course of last year, the size of the attacks certainly is significant.
The company also notes how, in 2013, just over a quarter of respondents to its survey had experienced over 21 attacks per month. By this year that figure had risen to 38 percent.
DDoS attacks: the targets
Of the 287 respondents, 90% said the DDoS attacks experienced by their organisations were at the application level while multi-faceted attacks including volumetric, application layer and state exhaustion techniques were seen by 42% of the surveyed organisations.
Unsurprisingly, perhaps, over a quarter of respondents said they had seen attacks which targeted cloud services.
Data centers were a target often picked out by attackers and their efforts had a large impact too – more than a third of operators saw attacks which completely exhausted their bandwidth which led not only to a loss of business but collateral damage too.
Enterprises suffered at the hands of DDoS attacks too though with almost half of Arbor’s survey respondents saying they saw attacks over the preceding 12 months. In two fifths of those attacks the organisations internet connectivity was completely saturated.
Many companies unprepared for DDoS attacks
Despite the increase in DDoS attacks and their severity, many companies remain ill-prepared with 10% of respondents saying they were totally unprepared to respond to an incident. Only 40% of those surveyed said they well adequately prepared to respond to such an attack vector.
Commenting on the findings, Arbor Networks Director of Solutions Architects Darren Anstee said:
“In 2004, the corporate world was on watch for self-propagating worms like Slammer and Blaster that devastated networks the year before; and, data breaches were most likely carried out by employees who had direct access to data files. Today, organizations have a much wider and more sophisticated range of threats to worry about, and a much broader attack surface to defend. The business impact of a successful attack or breach can be devastating – the stakes are much higher now.”
What’s the motive?
But it’s not just corporate entities that need to be wary of distributed denial of service attacks. Beyond the report’s understandable interest in the corporate sector, Arbor also revealed how non-financial reasons were in fact the biggest motivator for such attacks.
As per the previous three years of reporting, vandalism and the promotion of ideological hacktivism remained popular reasons for these types of attack.
Another perennial favourite, gaming, the report said, “has gained in percentage, which is no surprise given the number of high-profile, gaming-related attack campaigns this year,” concluding that DDoS-for-hire services were often employed by gamers to settle scores or grudges against other players.
For such people DDoS attacks were a favoured means of attack due to the relative ease of pulling them off or of finding such services for hire.
Arbor notes that many of the biggest such attacks take advantage of popular household hardware including games consoles, routers and modems which can be compromised via the Simple Service Discovery Protocol, part of the UPnP standard. Such devices often pose a tempting target due to their reliance on default login credentials and owners’ reluctance to change them.