More

    The Crumbling Front Line of Security

    As more bandwidth becomes generally available, network operators are realizing that fatter pipes are a double-edged sword.

    A new security survey of 111 network operators conducted by Arbor Networks, a provider of security and monitoring tools for network operators, finds that there has been an over 100 percent increase in distributed denial of service (DDoS) attacks and that for the first time those attacks have exceeded the 100 gigabit-per-second barrier.

    According to Paul Scanlon, a solutions architect for Arbor Networks, this increase in both the frequency and size of DDoS attacks means that cybercriminals are relying on brute-force tactics more than ever. However, those attacks are now accompanied by more subtle threats aimed at collecting data from specific files to create a blended attack vector that combines brute force with targeted attacks.

    Those brute-force attacks, aimed primarily at DNS servers and HTTP traffic, are overwhelming firewalls and intrusion prevention systems, with 49 percent attributing a firewall or intrusion prevention system (IPS) directly to a DDoS attack.

    Scanlon says the study shows that IT organizations of all sizes are going to need more robust security infrastructure just to keep pace with the amount of bandwidth that is available to enable a DDoS attack.

    But that could be problematic; as IP4 addresses increasingly become exhausted, networks will rely more on IP6 addresses that could introduce potential security concerns. That’s also especially problematic because 60 percent of the network operators said they have no visibility into the packets on their networks.

    In short, if network operators represent the front line of our collective security, the line is getting dangerously close to giving way.

    The Crumbling Front Line of Security - slide 1

    Click through for results from an infrastructure security survey conducted by Arbor Networks.

    The Crumbling Front Line of Security - slide 2

    The attacks are getting exponentially larger.

    The Crumbling Front Line of Security - slide 3

    HTTP and DNS are the keys to the Web application kingdom.

    The Crumbling Front Line of Security - slide 4

    More to come.

    The Crumbling Front Line of Security - slide 5

    The real target is customer data.

    The Crumbling Front Line of Security - slide 6

    Brute-force attacks are effective.

    The Crumbling Front Line of Security - slide 7

    Not a lot of faith.

    The Crumbling Front Line of Security - slide 8

    2012 is shaping up to be a big IPv4 challenge.

    The Crumbling Front Line of Security - slide 9

    The shift to IPv6 is on.

    The Crumbling Front Line of Security - slide 10

    Concerns are many and varied.

    The Crumbling Front Line of Security - slide 11

    Marginally better.

    Latest Articles