The threat landscape has been transformed by the emergence of Internet of Things (IoT) botnets, with attackers now able to weaponize inherent security vulnerabilities in certain IoT devices, according to Arbor Networks’ 12th Annual Worldwide Infrastructure Security Report (WISR). Arbor Networks is the security division of NETSCOUT.
“The survey respondents have grown accustomed to a constantly evolving threat environment with steady increases in attack size and complexity over the past decade,” said Darren Anstee, Arbor Networks Chief Security Technologist. “However, IoT botnets are a game changer because of the numbers involved. There are billions of these devices deployed, and they are being easily weaponized to launch massive attacks. Increasing concern over the threat environment is reflected in the survey results, which show significant improvements in the deployment of best practice technologies and response processes.”
Some highlights:
- The largest distributed denial-of-service (DDoS) attack reported this year was 800 Gbps, a 60% increase over 2015’s largest attack of 500 Gbps.
- Since Arbor began the WISR in 2005, DDoS attack size has grown 7,900%, for a compound annual growth rate (CAGR) of 44%.
- In the past five years alone, DDoS attack size has grown 1,233%, for a CAGR of 68%.
- 53% of service providers indicated they are seeing more than 21 attacks per month – up from 44% last year.
- 21% of data-center respondents saw more than 50 attacks per month, versus only 8% last year.
- 45% of enterprise, government and education respondents experienced more than 10 attacks per month – a 17% year over year increase.
- 67% of service providers and 40% of Enterprise, Government and Education (EGE) reported seeing multi-vector attacks on their networks.
- 61% of data center operators reported attacks totally saturating data center bandwidth.
- 25% of data center and cloud providers saw the cost of a major DDoS attack rise above $100,000, and 5% cited costs of over $1 million.
- 41% of EGE organizations reported DDoS attacks exceeding their total internet capacity. Nearly 60% of EGE respondents estimate downtime costs above $500/minute.
- 77% of service provider respondents are capable of mitigating attacks in less than 20 minutes.
- Nearly 55% of EGE respondents now carry out DDoS defense simulations, with approximately 40% carrying them out at least quarterly.
- The proportion of data center and cloud provider respondents that are using firewalls for DDoS defense has fallen from 71% to 40%.
