[AfrICANN-discuss] On ISPs and botnets...DDOS attacks

Anne-Rachel Inné annerachel at gmail.com
Tue Sep 18 13:30:52 SAST 2007

 Arbor's Worldwide Infrastructure Security Report Highlights Growing Threats
to ISPs


*VoIP Vulnerabilities and Rise of Managed Services Also Highlighted in

*Lexington, Mass., September 17, 2007* – Arbor Networks, a leading provider
of network security and operational performance for global business
networks, released its third-annual Worldwide Infrastructure Security Report
today in cooperation with the network security and operations communities.
For the first time, botnets surpassed distributed denial of service attacks
as the top threat identified by service providers.

Arbor Networks has long-standing customer relationships with more than 70%
of the global service provider community, which enabled the company to
gather input from 70 self-classified tier-1, tier-2 and hybrid IP network
operators in North America, Europe and Asia for this year's report. Based on
a 12-month period from July 2006 through June 2007, the results of the
survey are designed to provide practical data to network operators so that
they can make informed decisions about the use of network security
technology to protect their mission-critical infrastructure.

Key findings from the report include:

*Bots Overtake DDoS as Chief Security Concern*
Unlike Arbor's previous editions of the survey, bots and botnets are now
considered the most significant operational threat by ISPs, with distributed
denial of service (DDoS) attacks coming in a close second. This year, a much
larger percentage of the respondent pool believed bots and botnets to be a
larger threat than DDoS attacks, perhaps providing some indication that
botnet activity – beyond just that of DDoS – is more frequently impacting
network security operations.

*DDoS Attacks Going Pro *
While mid-level DDoS attacks have plagued the Internet since 2000, survey
respondents report a widening gap between common mid-level "amateur" attacks
and multi-gigabit "professional" efforts involving tens of thousands of
zombie hosts. Most surveyed ISPs reported significant improvements in the
sophistication and coordination of DDoS attacks.

*Attacks Outpace ISP Network Growth *
During the last two years, most top-tier service providers completed
significant investments in backbone infrastructure – upgrading links from
OC12/48 (2 gigabits per second; Gbps) to OC192 (10 Gbps). However, surveyed
ISPs reported sustained attack rates exceeding 24 Gbps – more than double
the size of these recently upgraded links. Given that most individual core
Internet backbone links today are no larger than 10 Gbps, most of the larger
attacks today still inflict collateral damage on infrastructure upstream
from the targets themselves.

*VoIP is Vulnerable *
Only 20 percent of ISPs surveyed currently have specific tools or mechanisms
to monitor and detect threats against VoIP. This finding points to a
vulnerability that service providers must address in the coming months.

*Rise of Managed Security Services *
As more mission-critical services are being converged onto IP-based
networks, the demands on service providers to provide "clean pipe" services
is escalating.  This year's survey found a significant increase in the
number of service providers offering managed DDoS detection and mitigation
services. More than one third of surveyed providers reported offering DDoS
managed security services; another one third indicated they plan to roll out
such services in the next 24 months to better protect the networks of
enterprise customers.

"Given that over half of the surveyed ISPs believe that they can effectively
mitigate most Internet attacks against their backbone infrastructure and
customers, many ISPs now believe they are ahead of the curve," said Danny
McPherson, Arbor Networks chief research officer.  "But all of this ISP
optimism about infrastructure security should be tempered by the survey data
on emerging critical infrastructure. Over half of surveyed providers said
they had no means to either detect or mitigate attacks against DNS, and
close to 90 percent have no means to protect critical VoIP infrastructure.
One thing we know about cyber criminals is that they adapt and look for
weaknesses.  When it comes to network security, complacency should never be
part of the equation."
  * For more information, please see the following:*

- Podcast Interview with Verizon Business

- Arbor Networks Blog Post

- Narrated Powerpoint Presentation

- Download the Worldwide Infrastructure Security Report:
  [image: Click to View the

*About Arbor Networks*
Arbor Networks delivers network security and operational performance for
global business networks.  Arbor's Network Behavioral Analysis (NBA)
solutions are based on the Arbor Peakflow platform, providing real-time
views of network activity which enable organizations to instantly protect
against worms, DDoS attacks, insider misuse, and traffic and routing
instability, as well as to segment and harden networks from future threats.
Today, Arbor Networks' customer base is comprised of a broad range of
service provider and enterprise customers within a variety of industries
spanning the globe, demonstrating the depth and breadth of the company's
security expertise.  All rely on the Arbor Peakflow platform to prevent
costly downtime, enable network cleanup and increase customer trust.

To learn more about Arbor Networks, please visit:
http://www.arbornetworks.com. To learn more about the Arbor Security
Engineering & Response Team (ASERT) – the company's security research arm –
please visit the ASERT blog: http://asert.arbornetworks.com.

Note to Editors:  Arbor Networks, Peakflow and the Arbor Networks logo are
trademarks of Arbor Networks, Inc.  All other brands may be the trademarks
of their respective owners.
Arbor Networks
Kevin Whalen
Director, Public Relations
kwhalen at arbor.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20070918/e90ff08c/attachment.htm

More information about the AfrICANN mailing list