Brute force attacks on networks are growing exponentially, according to the latest annual worldwide infrastructure...
security report by network management firm Arbor Networks.
Some network operators reported attacks of up to 40gigabits per second (Gbps) in the past year compared with 24Gbps and 17Gbps in the previous two years.
This represents a 67% increase in the past year, an increase of nearly 2.5 times the largest attack in 2006, and a 100 fold increase since 2001, the report said.
The number of respondents reporting attacks larger than one Gbps nearly doubled this year to 36% of those surveyed.
Danny McPherson, chief security officer for Arbor Networks, said that although most ISPs have the infrastructure to detect DDoS attacks, many still lack the ability to mitigate these attacks quickly.
According to the report, only 15% of the providers surveyed said they had the capability to mitigate DDoS attacks in 10 minutes or less.
"Even fewer providers have the infrastructure to defend against attacks at this year's reported peak of 40Gbps. This is an area of weakness that can be exploited quickly," McPherson said.
The report also noted an increase in the number of smaller and more sophisticated attacks that are more difficult to deal with than the larger brute force attacks.
Craig Labovitz, chief scientist at Arbor Networks, told Computer Weekly that most enterprises are not aware of the range of threats.
He said CIOs need to be aware of the changing threats to ensure the ISP and services they select can cope with new forms of attack.
"The problem is not all ISPs support the same security mechanisms as they do for IPv4, and only 21% of those surveyed said they had tools in place to detect threats against VoIP infrastructure or services," said Labovitz.