SMB is the new sweet spot for DDoS attackers: Arbor Networks
- 29 January, 2016 11:49
Arbor Networks country manager A/NZ, Nick Race
Small to medium businesses need to be wary of the increasing threat of direct denial of service attacks according to networking company, Arbour Networks.
The company’s Worldwide Infrastructure Security Report (WISR) detailed the total number of DDoS attacks from a pool of 354 Tier 1 and Tier 2/3 service around the world and the findings show a shift in tactics by these actors.
Arbor Networks country manager A/NZ, Nick Race, said the threat of large-scale DDoS attacks was no longer confined to big business.
“The motivations [of attackers] have changed over the last twelve months. It’s really about extortion these days,” he explained.
Race said, in previous years, it was about nihilism, vandalism, hacktivism and other politically motivated actions and that these were usually targeted at the largest companies.
“The big organisations are still being attacked but the bad guys are getting more clever as they realise the top end of town are protecting themselves. The midsize and smaller companies don’t have that capability and so are more susceptible to attacks.”
Race went on to say that the Australian and New Zealand figures from the report reflect the global trend. The attacks are getting larger, according to Race, with the largest recorded at 500Gbps.
“More importantly, attacks are getting more sophisticated, they are what we call multi vector attacks,” he added.
“They are not only targeting the sheer volume of traffic to swamp the internet pipes, we are also seeing application layer attacks which are targeting specific parts of an organization's infrastructure.”
According to the report, 56 per cent of all attacks were multi-vector attacks and 93 per cent were application layer attacks.
Race emphasised the importance of a complex defence mechanism to mitigate the DDoS threat, especially as companies head to the Cloud.
“A lot of organisations are moving to the Cloud and believe they will be protected by their Cloud service provider. What we have seen is that the Cloud service providers themselves are being targeted because the attackers get more bang for their buck.If a service provider goes down, then all the customers within that environment go down.
Race said another good strategy was working with managed service security providers (MSSPs). He said they provide a defence against DDoS attacks by hosting in an overarching Cloud service or in a Datacentre which has DDoS protection.
“One of the things enterprises moving to the Cloud should ask is does the Cloud service provider have integrated DDoS protection as part of their service.”
Race claimed this sort of protection was not as common as one might think.