Telcos and ISPs see sophisticated DDoS attacks aimed at services and apps as the biggest internet security issue.
In its annual infrastructure security report, one of the most comprehensive internet security studies, Arbor Networks warns that the industry is nowhere near IPv6-ready.
The Arbor study, based on responses from 132 Tier 1, Tier 2 and other IP network operators worldwide, says 35% of them respondents believe that more sophisticated service and application attacks represent the largest operational threat over the next 12 months.
Another 21% expressed concerns about large-scale botnet-enabled attacks. Arbor said the largest reported DDoS attack was 49Gbps, aimed at a single European provider.
However, Arbor chief security office Danny McPherson said in a blog that beyond sheer size, service providers said “they are continuing to see attacks become more sophisticated, with attackers expressly aiming to exhaust resources other than bandwidth, such as firewalls, load-balancers, back-end database infrastructure and associated transaction capacity, cached data serving algorithms, etc.”
More than half of those surveyed reported growth in service-level attacks at 1 Gbps or less bandwidth that were designed to exploit service weaknesses, like vulnerable and expensive back-end queries and limitations on computing resources, Arbor said.
Several respondents reported multi-hour outages of internet services during the last year due to application-level attacks. These service-level attack targets included distributed domain name system (DNS) infrastructure, load balancers and large-scale SQL server back-end infrastructure.
“This increasing sophistication … continues to worry network operators,” McPherson said. With the consolidation of content sources and migration to the cloud, “the risk of attacks that impact multiple entities and more commonly induce collateral damage is heightened.”
Most providers said they were worried about the slow rate of IPv4 to IPv6 migration and complained of missing IPv6 security features in routers, firewalls and other critical network infrastructure.
Their concerns were reflected by a warning from the Number Resource Organization (NRO) that less than 10% of available IPv4 addresses remain unallocated.
“This small pool of existing IP addresses marks a critical moment in IPv4 address exhaustion, ultimately impacting the future network operations of all businesses and organizations around the globe,” the NRO said in a statement.
The NRO represents the five Regional Internet Registries (RIRs) that oversee the allocation of internet number resources.