Distributed denial-of-service (DDOS) attacks are wreaking havoc globally.
This was the word from Brian McCann, president of the security business unit at application and network performance management firm Netscout. McCann was speaking during the NetEvents Global Press and Analyst Summit in San Jose, California.
A DDOS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more Web servers. Such an attack is often the result of multiple compromised systems - for example, a botnet - flooding the targeted system with traffic.
"The stakes in the security industry have changed in regards to the size, frequency and complexity of attacks," said McCann. "In this new world of advanced threats, hackers only need to get it right once to be successful in their attacks, while the security industry needs to get it right every time."
In regards to DDOS attacks, McCann noted that in 2007, an average attack was about 24Gbps. By 2010, he added, it averaged 100Gbps. However, the highest recorded in 2016 was a massive 800Gbps.
Referring to Netscout's security division Arbor Networks' 12th Annual Worldwide Infrastructure Security Report from January 2017, McCann pointed out that a new DDOS attack was launched every 6.3 seconds during 2016.
"The largest DDOS attack reported was 800Gbps, a 60% increase over 2015's largest attack of 500Gbps," he said.
According to the report, 21% of data centre operators see more than 50 DDOS attacks a month, a 13% increase from 2015. It notes that organisations remain the number one target for DDOS attacks, with over two-thirds of attacks targeting them.
Infrastructure continues to be the most popular attack target, said McCann, adding 60% of organisations estimate their downtime costs above $500 a minute, with some reporting much larger losses per minute.
To highlight the growth threats on the security landscape, McCann gave the example of the Equifax hack. Equifax - one of the largest credit reporting agencies in the US - was breached, exposing private information belonging to 143 million people, nearly half of the US population.
The breach, which was discovered in July 2017, includes sensitive information such as social security numbers, birthdays, addresses, and in some instances, driver's licence numbers. The agency said 209 000 credit card numbers were exposed in the breach, which includes customers in Canada and the UK.
With these threats escalating, McCann urged organisations to ensure their networks are always visible to administrators. "Having intelligence is the foundation to a secure network," he said.
Share