& cplSiteName &

When Size Matters

Carol Wilson
10/18/2013
50%
50%

It is easy to get lost in the numbers when discussing distributed denial of service (DDoS) attacks and other network breaches but the figures Arbor Networks released this week regarding DDoS attacks are worthy of special note. They are a strong indication of new threats for which network operators need to be prepared. (See Arbor Sees Alarming Rise in Size of DDoS Attacks.)

Those numbers come from the 275 network operators that are customers of Arbor Networks 's Atlas network security system and regularly report troublesome activity. They show that larger bit-per-second attacks are back in vogue, and have grown so rapidly they threaten to not only cause massive problems for their targeted companies but also for networks in general.

For the past couple of years, larger packet-per-second attacks were more the norm, says Darren Anstee, solutions architect team manager for Arbor. Those tend to exhaust forwarding performance.

Last March, however, the largest single cyber-attack to date was launched against the servers of Spamhaus, a non-profit agency that battles spam. Since that attack, the trend has been to ever larger bit-per-second attacks. The Spamhaus attack, which hit 300 Gbit/s, affected Internet traffic globally and hurt many businesses in the process.

And here are the staggering numbers: There has been more than 350 percent growth in the number of attacks monitored at greater than 20 Gbit/s so far this year, as compared to 2012. The average DDoS attack in 2013 is currently measured at 2.64 Gbit/s, up 78 percent from last year.

That's of particular concern to service providers because attacks of that size will not only swamp the resources of the target company but can also swamp aggregation routers serving that company and others, and create major congestion issues for the network in general.

"There is a much broader range of organizations that are going to get their Internet connectivity completely saturated by an average attack," says Anstee. "They will be dependent on their service providers or on cloud-based protection to deal with that."

These attacks are being launched either by cyber-criminals, who use them as distractions for other activity or as "take-outs" for extortion or other purposes, or by so-called "hacktivists," who for a variety of ideological reasons, target various companies or web operations for attack to make a political point.

Two suspects have been arrested in the Spamhaus attack, for example, one a Dutch participant in countercultural ISP and one a UK schoolboy who was apparently making considerable money from Internet activity. They targeted Spamhaus because of its efforts to identify and stop spam email that poses security threats.

Because it's harder to predict where attacks will come from next, it's become much more important to prepare for them, Anstee says. And that means making sure there are solutions in place to help customers who are attacked, as well as protection for the service providers' infrastructure to prevent or respond to collateral damage from these massive attacks.

"Since we are seeing more very large attacks -- we saw a 191Gbits/sec attack in August -- service providers also need to be looking at capacity planning models for their mitigation infrastructure," he warns. As the size of average and peak attacks grows, network operators must make sure they can deal with these larger threats.

As I said at the outset, it's easy to get lost in such staggering figures, but the latest warnings are not something to glaze over. There have been many other warnings as well, and expressions of concern that service providers aren't taking the rapidly growing threats seriously. Given that Arbor's numbers come straight from the networks themselves, this is proof of what lies ahead, ready or not. (See Security Threat Intensifies for Service Providers.)

— Carol Wilson, Editor-at-Large, Light Reading

(6)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
pdonegan67
50%
50%
pdonegan67,
User Rank: Light Sabre
10/21/2013 | 4:37:48 AM
Re: Are we shock-proof?
I started researching the service provider security space three or four years ago and was immediately struck by the confluence of proven incidents of attacks that have had truly devastating effects alongside some positively steaming shovels full of fear-mongering bullshit on the part of some security vendors. The two really do co-exist.

As my research has gone on, I've found that the pitching of security solutions into the service provider space is typically quite a lot more sober than it is into the enterprise.

Very few service providers fall for the histrionics-based sell, in my experience This is either because they're highly security-savvy and know how to categorize risks according to the threat level they represent.

Or (as is still too often the case) it's because they can't differentiate different threat levels, can't be bothered to, and don't much care about anything beyond the next quarter's revenue target. In the case of these guys, if they invested in the right security solutions they might find that a couple of unexplained outages which suspended their ability to bill during the quarter were actually caused by malicious attacks but hey, why let that interfere with sound accountant-led thinking, right?

I'm actually struck by how sober and business-case oriented most pitching of security solutions to service providers is these days. I'm also struck, not coincidentally, by the relatively high rate of failure among the minority of security solution vendors who shriek with scant evidence that the sky is falling in. They often find that it's actually them that the sky subsequently falls in on where service provider business is concerned.

Where Arbor Networks is concerned I've an interest to declare in that I've done quite a bit of work with them. They have laced my palm with silver. They're one of the sponsors of Light Reading's second Mobile Network Security conference that I'm chairing in New York on December 5th, for example (see our LIve Events listing).

So take this with a pinch of salt if you will, but when I talk to service providers, the feedback I get about Arbor is that they are one of a select few companies whose opinions and solutions for service provider security are nearly always taken very seriously pretty much anywhere in the world.

Better still, ask around yourself, and see if you encounter a different pattern. I'd be very surprised.
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
10/18/2013 | 7:35:35 PM
Re: Are we shock-proof?
Hacktivists are organizations with a political ax to grind - think Anonymous or Wikileaks -- and their wanna-bes - who launch attacks to make a point, and not necessarily for profit. 

That is a trend we should possibly be following more closely. 
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
10/18/2013 | 7:33:54 PM
Re: Are we shock-proof?
I actually did a rather extensive search of the SpamHaus attack and never saw anything that said it was a PR hoax. A number of respected tech sites took this very seriously so if it is a hoax, it was wildly successful, fooling Cnet, Cisco, slashdot, zdnet, reddit and nextweb. 

I assume the organization you are criticizing is Cloudflare? I did find two reports criticizing them for exaggerating the potential impact of the SpamHaus attack, claiming it could have "broken" the Internet. But even critics admit this was a serious attack. 

Arbor isn't saying these larger attacks are breaking the Internet and yes, they have something to sell toe service providers but no one is hiding that, and being aware of ever larger DDoS attacks is still a good idea. 
prtrumpsreality
50%
50%
prtrumpsreality,
User Rank: Light Beer
10/18/2013 | 5:58:27 PM
Re: Are we shock-proof?
You shuld check facts better.  The SpamHaous attack was so small, that nobody (except spamhaus) noticed.

The publicity campaign that was kicked off by the comapny they hired to fix their problem however, made up some numbers so crazy, that everyone saw "largets in history", and that PR has now replaced the truth.

the Spamhaus ISP published their traffic logs for the period in question in response, showing that there was no discernable peak or spike in data.  

It seem nothing can beat a good PR advertising campaign though :-(
pzernik
50%
50%
pzernik,
User Rank: Light Sabre
10/18/2013 | 5:34:53 PM
Re: Are we shock-proof?
Hi Carol.  What exactly are hacktivist groups and what are their motives?  Can LR do an article on this subject? 
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
10/18/2013 | 3:47:42 PM
Are we shock-proof?
Arbor has been tracking this stuff longer than most and while they usually have some shocking numbers to share, this current report is truly disturbing. 
More Blogs from Rewired
A quick trip in the Wilson way-back machine shows telecom operators have been at this a long time, maybe too long?
Russo, the man who cashed in pretty quickly on his first major success, Cerent, is leading a much longer-term effort to bring software-defined networking to the access realm at Calix.
SD-WAN market set to surge but it's not replacing MPLS anytime soon, and there will be security and operational challenges ahead, according to a 451 Research survey.
Lowell McAdam says cable merger no longer seems likely but is still open to other ideas – like a Comcast merger.
Harmonization, minding the product gap, getting 5G right, mimicking Red Hat and praising the Linux Foundation's expanded role all make the list.
From The Founder
NFV's promises of automation and virtualization are intriguing, but what really excites service providers is the massive amount of money they could save.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
Women in Comms Introduction Videos
VMWare VP Brings Women Up With Her

8|16|17   |   6:49   |   (1) comment


It's an art and a science to make mentorship, inclusive leadership, diversity and promotion of high-potential women work, says Honore' LaBourdette, vice president of Global Market Development at VMWare.
LRTV Documentaries
5G Spectrum Wars – The Recap

8|15|17   |   2:22   |   (0) comments


Service provider 3 has filed a lawsuit against Ofcom over 5G spectrum auction in the UK.
LRTV Custom TV
Say What? Facebook Unleashes AI Anarchy – The Recap

8|7|17   |     |   (0) comments


A recap of the week's talking points on Light Reading's sister site, telecoms.com. Facebook AI programmers had a bit of a brain-fade as they allowed one of its AI applications to invent its ...
Women in Comms Introduction Videos
Fujitsu's Women Band Together to Help Girls Do STEM

8|2|17   |   9:35   |   (1) comment


Supporting women both inside and outside of Fujitsu is a top priority of the telecom vendor. Yanbing Li, Fujitsu Network Communication's director of System Software Development & Delivery, shares why it's important, but why there's still a long road ahead.
LRTV Custom TV
If You're Not First, You're Last – The Recap

7|31|17   |   08:18   |   (1) comment


In case you missed it, Amazon's 1% stock increase helped Jeff Bezos dethrone Bill Gates as the richest man in the world. Also, Taiwanese electronics manufacturer
Women in Comms Introduction Videos
AT&T's Tech President Preps Workforce for the Future

7|26|17   |   5:47   |   (10) comments


AT&T is focused on the software-defined network of the future and is reskilling its workforce to get ready too, according to AT&T's President of Technology Development Melissa Arnoldi.
Women in Comms Introduction Videos
Cisco: Mentoring Critical to Attract & Retain Women

7|19|17   |   6:40   |   (1) comment


Liz Centoni, senior vice president and general manager of Cisco's Computing System Product Group, shares why mentoring in all its forms is important for women and what Cisco is doing that's made a difference for women in tech.
LRTV Custom TV
Gigabit LTE With Snapdragon 835

7|12|17   |     |   (1) comment


At an event in Wembley stadium, EE used its live network to demonstrate gigabit LTE using a Sony Xperia XZ Premium smartphone with a Qualcomm Snapdragon 835 chip.
LRTV Custom TV
Implementing Machine Intelligence With Guavus

7|12|17   |     |   (0) comments


Guavus unites big data and machine intelligence, enabling many of the the largest service providers in the world to save money and drive measureable revenue. Learn how applying Machine Intelligence substantially reduces operational costs and in many cases can eliminate subscriber impact, meaning a better subscriber experience and higher NPS.
LRTV Custom TV
Unlocking Customer Experience Insights With Machine Intelligence

7|12|17   |     |   (0) comments


When used to analyze operational data and to drive operational decisions, machine intelligence reduces the number of tasks which require human intervention. Guavus invested in Machine Intelligence early. Learn about the difference between Machine Learning and Machine Intelligence.
Women in Comms Introduction Videos
Verizon VP Talks Network, Career Planning

7|12|17   |   4:49   |   (0) comments


Heidi Hemmer, vice president of Technology, Strategy & Planning at Verizon, shares how bold bets and the future of tech define her career.
Telecom Innovators Video Showcase
Masergy's NFV Journey

7|11|17   |     |   (0) comments


Ray Watson, vice president of global technology at Masergy, discusses the advantages and challenges in entering the still-maturing NFV market for the past three years.
Upcoming Live Events
September 28, 2017, Denver, CO
October 18, 2017, Colorado Convention Center - Denver, CO
November 1, 2017, The Royal Garden Hotel
November 1, 2017, The Montcalm Marble Arch
November 2, 2017, 8 Northumberland Avenue, London, UK
November 30, 2017, The Westin Times Square
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Intel CEO Leaves Trump Biz Advisory Board
Dan Jones, Mobile Editor, 8/15/2017
Are Cord-Cutting's Days Numbered?
Alan Breznick, Cable/Video Practice Leader, Light Reading, 8/14/2017
Analyst Nolle: Fundamental Errors Plague NFV
Carol Wilson, Editor-at-large, 8/11/2017
Verizon Video Woes Pile On
Mari Silbey, Senior Editor, Cable/Video, 8/14/2017
Orchestration Startup UBiqube Pivots Away From NFV
Carol Wilson, Editor-at-large, 8/15/2017
Like Us on Facebook
Twitter Feed
Animals with Phones
We Know a Tough Day When We See One Click Here
Live Digital Audio

Understanding the full experience of women in technology requires starting at the collegiate level (or sooner) and studying the technologies women are involved with, company cultures they're part of and personal experiences of individuals.

During this WiC radio show, we will talk with Nicole Engelbert, the director of Research & Analysis for Ovum Technology and a 23-year telecom industry veteran, about her experiences and perspectives on women in tech. Engelbert covers infrastructure, applications and industries for Ovum, but she is also involved in the research firm's higher education team and has helped colleges and universities globally leverage technology as a strategy for improving recruitment, retention and graduation performance.

She will share her unique insight into the collegiate level, where women pursuing engineering and STEM-related degrees is dwindling. Engelbert will also reveal new, original Ovum research on the topics of artificial intelligence, the Internet of Things, security and augmented reality, as well as discuss what each of those technologies might mean for women in our field. As always, we'll also leave plenty of time to answer all your questions live on the air and chat board.