According to the fourth Worldwide Infrastructure Security Report from Arbor Networks, published today, malicious attacks on networks are continuing to rise at an alarming rate. While that is no great surprise, the fact that during 2008 Distributed Denial of Service attacks have peaked at 40 Gbps most certainly is.
Arbor's fourth annual Worldwide Infrastructure Security Report includes responses from nearly 70 IP network operators in North America, South America, Europe and Asia. It has revealed that during the last couple of years the largest sustained DDoS attacks were 24 Gbps and 17 Gbps, and according to Arbor Networks this represents a 67 percent increase in attack scale over 2007 and nearly two and a half times the largest attack reported in 2006. If you want really impressive numbers, it is a 100-fold increase since 2001.
Even at the lower end of the sustained attack scale, some 36 percent of survey respondents have reported observing them larger than 1 Gbps during 2008. That in itself is double the previous years figures. And, of course, a 1 Gbps sustained DDoS attack is damaging enough.
Danny McPherson, chief security officer for Arbor Networks told us "The growth in attack size continues to significantly outpace the corresponding increase in underlying transmission speed and infrastructure investment. While most ISPs now have the infrastructure to detect bandwidth flood attacks, we found that many still lack the ability to quickly mitigate these attacks; only a small percentage of the providers we surveyed said they have the capability to mitigate DDoS attacks in 10 minutes or less."
And even less have the kind of infrastructure needed to be able to satisfactorily defend against a 40 gigabit flooding attack!