The widespread distributed denial-of-service (DDoS) attacks that brought down many major websites last week will lead to a shift in spending to emerging mitigation service providers.
Following global attacks which struck the US - impacting Australian websites along the way - customers are now expected to engage multiple DDoS mitigation service providers, as well as multiple site hosting and DNS service providers, to reduce risk of outage caused by sharing services with other likely targets.
As reported by ARN, Australian media, banks, airline, insurance, retail and hotel websites experienced outages and interruptions following a large-scale distributed denial of service (DDoS) attack in the US.
“Although most customers have been steadily decreasing the number of security vendors and security service providers they use to reduce complexity, the events of October 21 will create an exception to this strategy,” Technology Business Research principal analyst, Jane Wright, said.
“The greater-than-600Gbps attacks made clear that attackers can now exceed many service providers’ capacity to examine and scrub traffic, especially as attackers leverage devices in the Internet of Things (IoT) to swarm sites with traffic.”
The attackers struck three times on the east coast of the US on Friday, targeting US-based company Dyn, which provides internet traffic management services to multinational organisations across the world.
As a result, many businesses suffered outages as service providers were consumed with handling attacks targeting large, high-profile customers such as Twitter and Netflix.
“While the security industry and government plan a more effective defence against such volumetric attacks in the future, TBR believes customers will diversify their service provider partners as a short-term solution,” Wright added.
Consequently, Wright believes DDoS mitigation spending will increase, with revenue distributed among more providers.
“Customers will increase spending for DDoS mitigation services and assign network portions and domain groups to different service providers, to diversify their risk in case one of their service providers is overwhelmed by attacks against their own sites or sites owned by their provider’s other customers,” Wright added.
Wright said revenue for DDoS mitigation products and services is covered in the network security segment of TBR’s Enterprise Security Benchmark, which showed the segment’s revenue increasing 15 per cent year-to-year for 24 benchmarked vendors in 2Q16.
Looking ahead, TBR estimates DDoS mitigation spending will increase 16 per cent to 17 per cent year-to-year in 1Q17, adding about $US40 million to market revenue in the quarter, as a result of the attacks.
“Customers will continue to depend on DDoS mitigation services from established providers,” Wright added.
“At the same time, customers will evaluate relatively new security service providers and new DDoS mitigation service providers will emerge to meet demand as customers revive the “security through diversity” approach.”
For Wright, customers with mature security skills will also add layers of in-house protection by deploying additional anti-DDoS appliances, with end-user security strategies and spending often reflecting the changing attack landscape.
Following a cluster of breaches involving credit card data in 2014 (e.g., the attacks on Target and Home Depot), TBR research noted an increase in data loss prevention (DLP) spending.
Similarly, Wright believes the spate of DDoS attacks will shift revenue and growth opportunities, highlighting the importance for security vendors and service providers to maintain flexibility so they can quickly adapt as the next wave of cybercrime.