In a year where the distributed denial-of-service was a by-word for a politically-motivated attack, Arbor Networks' sixth annual worldwide infrastructure security report said that the attacks became mainstream as many were against popular and well-known targets.
Roland Dobbins, solutions architect at Arbor Networks, said Arbor was finding that the size of the largest packet DDoS increased dramatically year-on-year. He said that it was 49GB a second in last year's report and the likelihood is that it is now looking at attacks of 100GB a second.
“That is a 102 percent year-on-year increase and in the time we have been doing these surveys, there has been an increase of 1000 percent in five years," Dobbins said.
"Even with the largest firewall, it is easy for botnets to pass inspection so legitimate users cannot access services. It is a systematic failure. The internet infrastructure is getting fragile”
“We are seeing a significant increase in the number of respondents who say that they will see ten or more DDoS attacks a month, and nine times out of ten they target the end-user and not the service provider.”
Luis Corrons, technical director at PandaLabs, pointed the finger at the loose-knit hacker collective known as Anonymous for the bringing such attacks to prominence.
“It is not because of the tools, they were already there but Anonymous got attention because of people and the media. The tools were there, they did not create it.
“It is more easy to do, we released a black market report and talking about different services they do not need to do anything. The tools are at every level of service and became more and more common and we see more cyber criminal activity.”
The report claimed that application-layer DDoS attacks were increasing in sophistication and operational impact, as 77 percent of its respondents detected application-layer attacks last year.
These attacks target customers and their supporting services, such as domain name systems and web portals.
Data centre operators and mobile/fixed wireless operators reported that application-layer DDoS attacks are leading to significant outages, increased operational expenditures, customer churn and revenue loss.