The number of Distributed Denial of Service attacks more than doubled in 2010, as criminals took advantage of a readily available supply of online tools.
Security firm Arbor Networks says 2010 was the year DDoS went mainstream, with high profile cases including the Anonymous group attacks pitching the threat to the forefront of IT consultant’s view.
Consultants have good reason to worry, with Arbor’s sixth annual Worldwide Infrastructure Security report – released later today - flagging that some DDoS attacks broke through the 100Gbps barrier for the first time – enough to bring down entire networks according to Carlos Morales, vice president of global sales engineering.
An attack of that size takes up “more bandwidth than most carriers can handle,” Morales explained, telling Telecoms Europe.net that the gap between the tools hackers use and Web firm’s security is widening.
Mobile operators account for 90% of those gaps, Morales said, noting that cellcos “are almost ten years behind their fixed-line brethren,” in terms of their security systems.
Of all the mobile operators who took part in the latest survey, 55% reported network outages due to security events during 2010, while 50% said they have limited visibility of attacks on their networks.
However, the increased threat of cyber attack is a problem for all ISPs, with attacks on HTTP and DNS protocols still top of the list for criminals.
Arbor’s research found that 77% of respondents detected application layer attacks targeting them or their customers in 2010, resulting in significant outages and increased operational expenditure for service providers.
Morales warns the problem will get worse as the world transitions to IPv6, because web firms haven’t developed the same levels of security for that protocol as the outgoing IPv4.
“I’d be very surprised if 2011 didn’t see some sort of large-scale DDoS attack,” Morales told Telecoms Europe.net.