Arbor Networks' Third-Annual Worldwide Infrastructure Security Report Highlights Botnets and Increased Size of DDoS Attacks

VoIP Vulnerabilities and Rise of Managed Services Also Highlighted in Report

LEXINGTON, MA--(Marketwire - September 17, 2007) -- Arbor Networks, a leading provider of network security and operational performance for global business networks, released its third-annual Worldwide Infrastructure Security Report today in cooperation with the network security and operations communities.

Key findings from the report include:   

 --  Bots Overtake DDoS as Chief Security Concern: Unlike previous editions of Arbor's survey, bots and botnets are now considered the most significant operational threat by ISPs, with distributed denial of service (DDoS) attacks coming in a close second.   

--  DDoS Attacks Going Pro: While mid-level DDoS attacks have plagued the Internet since 2000, survey respondents report a widening gap between common mid-level "amateur" attacks and multi-gigabit "professional" efforts involving tens of thousands of zombie hosts.   

--  Attacks Outpace ISP Network Growth: During the last two years, most top-tier service providers completed significant investments in backbone infrastructure -- upgrading links to OC192 (10 Gbps). However, surveyed ISPs reported sustained attack rates exceeding 24 Gbps. Therefore, most of larger attacks today still inflict collateral damage on infrastructure upstream from the targets themselves.   

--  VoIP is Vulnerable: Only 20 percent of ISPs surveyed currently have specific tools or mechanisms to monitor and detect threats against VoIP. This finding points to vulnerability that service providers must address in the coming months.   

--  Rise of Managed Security Services: As more mission-critical services are being converged onto IP-based networks, the demands on service providers to provide "clean pipe" services is escalating. More than one third of surveyed providers reported offering DDoS managed security services, another one third indicated that they plan to roll out such services in the next 24 months to better protect enterprise customers' networks.

Quotes from Danny McPherson, Chief Research Officer, Arbor Networks

-- "Given that over half of the surveyed ISPs believe that they can effectively mitigate most Internet attacks against their backbone infrastructure and customers, many ISPs now believe they are ahead of the curve," said Danny McPherson, Arbor Networks chief research officer.-- "However, all of this ISP optimism about infrastructure security should be tempered by the survey data on emerging critical infrastructure. Over half of surveyed providers said they had no means to either detect or mitigate attacks against DNS, and close to 90 percent have no means to protect critical VoIP infrastructure. One thing we know about cyber criminals is that they adapt and look for weaknesses. When it comes to network security, complacency should never be part of the equation."

Please contact Jessica Sutera to arrange for further quotes regarding this announcement or to request an interview with an Arbor Networks executive.

Multimedia:

-- Podcast Interview with Verizon Business on the key findings of the report http://www.arbornetworks.com/podcasts -- Arbor Networks Blog Post http://asert.arbornetworks.com/2007/09/zombies-worms-and-flooded-oc192s-the-2007-infrastructure-security-report/ -- Narrated PowerPoint Presentation http://www.arbor.net/images/Webcasts/WWISP/ -- Arbor Network's Third-Annual Worldwide ISP Infrastructure Security Report http://www.arbornetworks.com/report

Relevant Links:

ASERT blog

Arbor Networks Feeds:

Arbor Networks News

About Arbor Networks

Arbor Networks delivers network security and operational performance for global business networks. Arbor's Network Behavioral Analysis (NBA) solutions are based on the Arbor Peakflow platform, providing real-time views of network activity which enable organizations to instantly protect against worms, DDoS attacks, insider misuse, and traffic and routing instability, as well as to segment and harden networks from future threats. Today, Arbor Networks' customer base is comprised of a broad range of service provider and enterprise customers within a variety of industries spanning the globe, demonstrating the depth and breadth of the company's security expertise. All rely on the Arbor Peakflow platform to prevent costly downtime, enable network cleanup and increase customer trust.

To learn more about Arbor Networks, please visit: http://www.arbornetworks.com. To learn more about the Arbor Security Engineering & Response Team (ASERT) -- the company's security research arm -- please visit the ASERT blog: http://asert.arbornetworks.com.