Arbor Networks: Targeted DDoS Attacks, Mobile Security Gaps

By Robert Westervelt
January 29, 2013 10:29 AM ET

Page 1 of 2

Denial-of-Service attacks pose a serious risk to business continuity, but enterprises are increasingly relying on ISP and third-party service providers to mitigate the threat, according to a study released Tuesday by Arbor Networks.

The Burlington, Mass.-based company's eighth annual Worldwide Infrastructure Security Report found Distributed Denial-of-Service (DDoS) attacks are increasingly being tied to targeted malware attacks in an attempt to infiltrate businesses.

The report surveyed 130 network security operations engineers, analysts and other executives and management involved with enterprise and network operations in a mixture of Tier 1, Tier 2 and Tier 3 networks from October 2011 through September 2012.

An increasing number of people are becoming alarmed that DoS attacks are being carried out in conjunction with attacks attempting to steal account credentials, intellectual property and other sensitive data, according to the Arbor Networks report. Those surveyed said the BYOD craze has resulted in less visibility into networks and more entry points into corporate systems. Approximately 40 percent of those surveyed have the means to monitor the use of smartphones and mobile devices, the survey found.

The Arbor Networks study illustrates the surge in media attention being paid to DoS attacks on large businesses in recent months, fueled in part by hacktivist groups and others attempting to disrupt business operations. Operation Ababil, tied to Iranian cyberattackers, has been targeting large U.S. banks.

According to Arbor Networks, the strength of DDoS attacks has not increased over the past three years but the tactics have changed.

"Technology isn't really evolving that fast in terms of the technology and tools being used, but we are seeing sophistication in how they are combined with other methods of attacks," said Gary Sockrider, solutions architect for the Americas at Arbor Networks. "Attackers are going to do whatever it takes to bring sites down and, with a trend toward multivector attacks, you don't need a volumetric brute force attack to bring sites down."

NEXT: The Growing Threat Of Multivector Attacks

1 | 2 | Next >>

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	Name Of The Game: Top 10 States For Identity Theft A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.
	More Slide Shows