Telcos and ISPs see sophisticated DDoS attacks aimed at services and apps as the biggest internet security issue.
In its annual infrastructure security report, one of the most comprehensive internet security studies, Arbor Networks warns that the industry is nowhere near IPv6-ready.
The Arbor study, based on responses from 132 Tier 1, Tier 2 and other IP network operators worldwide, says 35% of them respondents believe that more sophisticated service and application attacks represent the largest operational threat over the next 12 months.
Another 21% expressed concerns about large-scale botnet-enabled attacks. Arbor said the largest reported DDoS attack was 49Gbps, aimed at a single European provider.
However, Arbor chief security office Danny McPherson said in a blog that beyond sheer size, service providers said “they are continuing to see attacks become more sophisticated, with attackers expressly aiming to exhaust resources other than bandwidth, such as firewalls, load-balancers, back-end database infrastructure and associated transaction capacity, cached data serving algorithms, etc.”
More than half of those surveyed reported growth in service-level attacks at 1 Gbps or less bandwidth that were designed to exploit service weaknesses, like vulnerable and expensive back-end queries and limitations on computing resources, Arbor said.
Several respondents reported multi-hour outages of internet services during the last year due to application-level attacks. These service-level attack targets included distributed domain name system (DNS) infrastructure, load balancers and large-scale SQL server back-end infrastructure.