Hacktivism motivated by idealistic views has been identified as the single most readily-identified factor for increasing DDoS attacks, according to security vendor, Arbor Networks.
A recent report, titled Worldwide Infrastructure Security Report, where Arbor that examined the DDoS threat landscape and the motivators behind attacks.
The report discovered that the overabundance of readily available DDoS attack tools has created an environment were practically anyone can launch an attack.
“The explosion of inexpensive and readily accessible attack tools is enabling anyone to carry out DDoS attacks,” Arbor Networks solutions architect for Asia-Pacific, Roland Dobbins.
“This has profound implications for the threat landscape, risk profile, network architecture and security deployments of Internet operators and Internet connected enterprises.”
While data showed that attacks in the past were financially driven, either for competitive reasons or extortion, a growing number of attacks are reported to political or ideological in nature, as well as a reported increase in nihilism or vandalism attacks.
Dobbins sums up this trend in 2011 as a “democratisation of DDoS” with the implication that any enterprise that is online can now become an attack target for any or no reason.
Other key findings in the report included an increase in the prevalence of high-bandwidth DDoS attacks in the 10Gbps range, indicating that large volumetric DDoS attacks are now becoming the “new normal.”
DDoS attacks that exceeded the total bandwidth into their data centre accounted for 25 per cent of cases, while attacks greater than 10 Gbps reached thirteen per cent.
“The single largest reported DDoS attack during the survey period was 60 Gbps, down from 100Gbps reported in 2010,” Dobbins said.
Respondents also indicated that application-layer and multi-vector DDoS attacks are increasing in both sophistication and complexity, with half of respondents reporting an application-layer attack on their network.
Reported attacks on the newly introduced IPv6 were mentioned in the report for the first time by respondents.
While Dobbins views this result as another milestone in the security arms race, he admits that IPv6 security incidents last year were “relatively rare” overall.
“This is a clear indication that while IPv6 deployments continue to advance, it is not yet economically or culturally significant enough to warrant serious attention by the Internet criminal underground,” he said.
The notion that certain countries and regions are a hotbed for DDoS attacks was backed up with about 75 per cent of respondents carefully eyeing the origin of traffic.
“There is also concern over the geographic origin of equipment they deploy in their networks,” he said.
In the mobile space, Arbor’s report found that a lack of tools among mobile operators for detecting security threats led to some inconsistent findings.
As an example, Dobbins point to how fifty per cent of respondents admitted to not seeing any attacks on their mobile infrastructure, but more than 30 per cent saw between 50 to 100 DDoS attacks per month.
“In addition, 44 per cent don’t know if they have infected hosts on their network,” Dobbins added.