COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1
Worldwide Infrastructure Security Report Highlights Volume XIII C F Chui, Principal Security Technologist COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 2
Overview This presentation provides a summary of NETSCOUT Arbor s 13th annual Worldwide Infrastructure Security Report (WISR) The WISR features observations from network and security professionals at the world s leading service provider, cloud / hosting and enterprise organizations The report covers a comprehensive range of issues from threat detection and incident response to managed services, staffing, and budgets Its focus is on the operational challenges faced daily and the strategies adopted to address and mitigate them COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 3
Volumetric Attacks Are Down in Peak Size While the size of the very largest attack was down, the proportion of volumetric attacks was up overall Attackers realized that there is very little you can do with 800 Gbps of firepower that you can t do with 600 Gbps Marked increase in the complexity of attacks COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 4
But Don t Be Fooled ATLAS Telemetry ATLAS observed 7.5 million DDoS attacks in 2017 vs. 6.8 million in 2016 Largest attack in 2017 was 641 Gbps NETSCOUT Arbor s Active Threat Level Analysis System (ATLAS) delivers insight into 1/3 of global internet traffic COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 5
Regional comparison (from ATLAS) Number of DDoS attack higher in Europe than other regions Average DDoS attack size higher in North America COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 6
Reflection still rules DNS and NTP Reflection/Amplification attacks are most common C-LDAP attack is on the rise, doubled in last 6 months to 5,464 attacks per week COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 7
Attack Innovation Seen at the Edge Rising Complexity Multi-vector attacks combine high volume floods, application-layer attacks and TCP-state exhaustion attacks in a single sustained offensive, increasing mitigation complexity and attacker's chance for success 20% increase over last year COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 8
DDoS Continues to Evolve Application-layer Attacks 30% increase of enterprises that experienced application-layer attacks in 2017 Web services and DNS continue to dominate application-layer attacks COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 9
Attacks type seen by Service Provider COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 10
A Frequent, Painful Problem EGE DDoS Attack Frequency 60% 10% 12% 4% 13% 1 10 ATTACKS IN L AST 12 MONTHS 11 20 ATTACKS IN LAST 12 MONTHS 21 50 ATTACKS IN LAST 12 MONTHS 51 100 ATTACKS IN LAST 12 MONTHS 100+ ATTACKS IN LAST 12 MONTHS Data Center Service Affecting Attacks 51 100 Source: NETSCOUT Arbor 11 20 21 50 0 2X percentage of enterprises reporting 100+ DDoS attacks/year over the previous year 5% 9% 5% 9% 78% of data center operators experienced between 1 and 20 service-affecting attacks 73% 1 10 COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 11 Source: NETSCOUT Arbor
Across All Business Types Not Just The Usual Suspects Weaponization of botnets and cheap DDoS for hire services threaten all business types These same verticals are driving demand for DDoS services Cloud and IoT are having an impact 22% of ISPs see attacks originating from on-net IoT 36% see attacks targeting cloud services, up from a quarter COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 12
Consequences Are Rising for Data Center Drives Interest at C-Level Data Center DDoS Cost 45% 40% 35% 30% 33% 39% As the operational and financial of impact of DDoS attacks increase, so too does executive-level interest in availability protection 25% 20% 15% 11% 11% Over half of respondents see an impact of $10-100K, double the proportion from 2016 10% 5% 0% 6% Nearly half of organizations report customer churn Less than $10,000 $10,000 to $25,000 $25,000 to $50,000 $50,000 to $100,000 $100,000 to $100,000,000 Source: NETSCOUT Arbor COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 13
Consequences Are Rising for Enterprise Drives Interest at C-Level Reputation / brand damage top business impact of an attack, operational expenses second 2X reporting revenue loss from DDoS attacks in 2017 77% report DDoS part of business or IT risk assessments 12% see costs of over $100K, a 5x increase from last year COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 14 60% 50% 40% 30% 20% 10% 0% Business Impacts of DDoS Attacks 57% Reputation/ brand damage Source: NETSCOUT Arbor 42% Increased operational expense 32% 30% Revenue loss Specialized IT security remediation and investigation services 25% Loss of customers Loss of executive or senior management 11% Extortion payments Increase in cybersecurity insurance premium Stock price fluctuation 9% Regulatory penalties and/or fines
Threats & Concerns Enterprise, Government & Education Ransomware #1 threat and #1 concern DDoS #2 threat and #3 concern APT #2 concern, only experienced by 15% COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 15
Threats & Concerns Service Provider DDoS attacks represent top threat observed and equally concerning Infrastructure outages reclaims second spot Compromise of Mgmt. Networks is far concern than observed last year COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 16
The DDoS battle - Detection COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 17
The DDoS battle - Mitigation COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 18
Attack Motivations Enterprise, Government, & Education COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 19
Attack Motivations Service Provider COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 20
Operational Security Lack of resources & difficulty hiring and retaining skilled personnel top concerns for building effective operational security team 23% of SP report security teams of 30+ vs.14% of EGE COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 21
SDN & NFV Proportion of SP with SDN or NFV in production has doubled over previous year Operational Concerns, Interoperability, and Cost leading barriers to SDN / NFV COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 22
Survey Demographics 45% Enterprise Government & Education 55% Service Providers COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 23
Thank You. Contact: cfchui@arbor.net www.netscout.com COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 24