Arbor Networks, Inc. today released its 9th Annual Worldwide Infrastructure Security Report (WISR) offering a rare view into the most critical security challenges facing today’s network operators. Based on survey data provided by service provider, enterprise, cloud, hosting and other network operators from around the world, this annual report provides a real-world view of the security threats that organizations face and the strategies they adopt to address them.
“The security report from Arbor provides Middle East service providers, hosting, mobile, enterprise and other types of network operators with a deep insight into the latest security threats. These threats as we all know have no geographical boundaries and regional organizations are as susceptible to these attacks as businesses across the globe. In fact given that the economy in the region is on the upturn and IT security measures are not as developed as in the mature markets, the region presents a greater opportunity for cyber criminals. The security report will help organizations to assess areas of vulnerability and address these through appropriate measures,” says Mahmoud Samy, Area Head, Middle East, Pakistan and Afghanistan at Arbor Networks.
Arbor’s long-standing customer relationships and reputation as a trusted advisor and solution provider make this report possible each year.
“From the ISP to the enterprise, IT and security teams are facing a dynamic threat landscape and very skilled and patient adversaries. Our ninth annual report showcases that very clearly,” said Matthew Moynahan, president of Arbor Networks. “There is no single, magic bullet solution and it is a mistake to think technology alone can secure a network. Multi-layered defenses are clearly needed, but so is a commitment to best practices for people and process.”
Internal Network and Advanced Persistent Threats
• Respondents ranked botted hosts as their number one concern.
• The proportion of respondents seeing APTs on their networks has increased from 22 percent to 30 percent year over year.
• 57 percent of survey respondents do not have a solution deployed to identify employee-owned devices accessing the corporate network.
DDoS attacks against mobile networks more than doubled
• Nearly a quarter of those respondents offering mobile services indicated that they have seen DDoS attacks impacting their mobile Internet (Gi) infrastructure. This represents more than double the proportion seen last year.
• More than 20 percent offering mobile services indicated that they have suffered a customer-visible outage due to a security incident, down slightly from about one-third last year.
Application-layer attacks have become ubiquitous
• Application-layer attacks are now common with almost all respondents indicating they have seen them during this survey period.
• Continued strong growth in application-layer attacks targeting encrypted Web services (HTTPS) - up 17 percent over last year.
Dramatic Rise in DDoS Attack Size
• In all previous years of the survey, the largest reported attack was 100 Gbps. This year, attacks peaked at 309 Gbps and multiple respondents reported attacks larger than 100 Gbps.
Data centers are a magnet for DDoS attacks
• More than 70 percent operating data centers reported DDoS attacks this year, up dramatically from under a half last year.
• More than a third experienced attacks that exceeded total available Internet connectivity, nearly double last year.
• About 10 percent saw more than 100 attacks per month.
DNS infrastructure remains vulnerable
• Just over one-third experienced customer-impacting DDoS attacks on DNS infrastructure an increase from a quarter last year.
• More than a quarter indicated that there is no security group within their organizations with formal responsibility for DNS security, up from 19 percent last year. This increase is surprising given the number of high-profile DNS reflection/amplification attacks that were seen during the survey period.
Survey Scope & Demographics
• 220 responses, up from 130 last year, from a mix of Tier 1 and Tier 2/3 service providers, hosting, mobile, enterprise and other types of network operators from around the world.
• More than 68 percent of respondents this year are service providers, giving us a global view into the traffic and threats targeting their networks, services and customers.
• Data covers November, 2012 through October, 2013
About Arbor Networks
Arbor Networks, Inc. (arbornetworks.com) helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.
Trademark Notice: Arbor Networks, Peakflow, ArbOS, ATLAS, Pravail, Arbor Cloud, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.
Product Information Contact: Mr. Mahmoud Samy, Arbor Networks
M: +971(50) 4522823 / +971(55) 4522823