COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1

Similar documents
Analisi degli attacchi DDOS e delle contromisure

An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks

DDoS MITIGATION BEST PRACTICES

WORLDWIDE INFRASTRUCTURE SECURITY REPORT

Arbor WISR XII The Stakes Have Changed. Julio Arruda V1.0

Global Threat Landscape

RESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises

Arbor White Paper Keeping the Lights On

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

IoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT

Cyber Security in Smart Commercial Buildings 2017 to 2021

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies

DNS SECURITY BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER

2017 RIMS CYBER SURVEY

Arbor White Paper. DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks

Why IPS Devices and Firewalls Fail to Stop DDoS Threats

State of the Internet Security Q Mihnea-Costin Grigore Security Technical Project Manager

ACHIEVING FIFTH GENERATION CYBER SECURITY

CHIME and AEHIS Cybersecurity Survey. October 2016

Cybersecurity The Evolving Landscape

Building a Threat Intelligence Program

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

STATE OF THE NETWORK STUDY

Cyber Attack: Is Your Business at Risk?

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES

Safeguard Your Internet Presence with Sophisticated DDoS Mitigation.

Comprehensive DDoS Attack Protection: Cloud-based, Enterprise Grade Mitigation F5 Silverline

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Cyber Insurance: What is your bank doing to manage risk? presented by

Multi-vector DDOS Attacks

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.

Tripwire State of Container Security Report

Taking a Business Risk Portfolio (BRP) Approach to Information Security

Disaster Recovery Is A Business Strategy

The Cost of Denial-of-Services Attacks

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

HOSTED SECURITY SERVICES

Kaspersky for Business. On the Money: Growing IT Security Budgets to Protect Digital Transformation Initiatives. Kaspersky Lab

Enterprise D/DoS Mitigation Solution offering

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Todd Sander Vice President, Research e.republic Inc.

HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK

THALES DATA THREAT REPORT

Downtime by DDoS: Taking an Integrated Multi-Layered Approach. Arbor Solution Brief

Service Provider View of Cyber Security. July 2017

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

The State of Cloud Monitoring

Putting security first for critical online brand assets. cscdigitalbrand.services

Cybersecurity for Service Providers

Mastering The Endpoint

Customer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach

ENABLING SECURE CLOUD CONNECTIVITY. Create a Successful Cloud Strategy with Reliable Connectivity Solutions

Cybersecurity Auditing in an Unsecure World

INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

Think You re Safe from DDoS Attacks? As an AWS customer, you probably need more protection. Discover the vulnerabilities and how Neustar can help.

SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE

Cyber Security Incident Response Fighting Fire with Fire

The 2017 State of Endpoint Security Risk

THE STATE OF CLOUD & DATA PROTECTION 2018

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

Cyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

Why DDoS Makes for Risky Business and What You Can Do About It

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

CyberEdge. End-to-End Cyber Risk Management Solutions

A10 DDOS PROTECTION CLOUD

Hearing Voices: The Cybersecurity Pro s View of the Profession

WHITE PAPER Hybrid Approach to DDoS Mitigation

CYBERSECURITY RESILIENCE

Cybersecurity 2016 Survey Summary Report of Survey Results

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

Emerging Technologies The risks they pose to your organisations

Jeff Wilbur VP Marketing Iconix

Managed Endpoint Defense

Moving from Prevention to Detection March 2017

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Cybersecurity Survey Results

Angela McKay Director, Government Security Policy and Strategy Microsoft

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

` 2017 CloudEndure 1

MULTIPLAYER GAMING SOLUTION BRIEF

Security in India: Enabling a New Connected Era

CYBER INSURANCE: MANAGING THE RISK

Cyber Risks in the Boardroom Conference

Imperva Incapsula Survey: What DDoS Attacks Really Cost Businesses

DIGITAL TRUST Making digital work by making digital secure

Digital Transformation Drives Distributed Store Networks To The Breaking Point

Transcription:

COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1

Worldwide Infrastructure Security Report Highlights Volume XIII C F Chui, Principal Security Technologist COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 2

Overview This presentation provides a summary of NETSCOUT Arbor s 13th annual Worldwide Infrastructure Security Report (WISR) The WISR features observations from network and security professionals at the world s leading service provider, cloud / hosting and enterprise organizations The report covers a comprehensive range of issues from threat detection and incident response to managed services, staffing, and budgets Its focus is on the operational challenges faced daily and the strategies adopted to address and mitigate them COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 3

Volumetric Attacks Are Down in Peak Size While the size of the very largest attack was down, the proportion of volumetric attacks was up overall Attackers realized that there is very little you can do with 800 Gbps of firepower that you can t do with 600 Gbps Marked increase in the complexity of attacks COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 4

But Don t Be Fooled ATLAS Telemetry ATLAS observed 7.5 million DDoS attacks in 2017 vs. 6.8 million in 2016 Largest attack in 2017 was 641 Gbps NETSCOUT Arbor s Active Threat Level Analysis System (ATLAS) delivers insight into 1/3 of global internet traffic COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 5

Regional comparison (from ATLAS) Number of DDoS attack higher in Europe than other regions Average DDoS attack size higher in North America COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 6

Reflection still rules DNS and NTP Reflection/Amplification attacks are most common C-LDAP attack is on the rise, doubled in last 6 months to 5,464 attacks per week COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 7

Attack Innovation Seen at the Edge Rising Complexity Multi-vector attacks combine high volume floods, application-layer attacks and TCP-state exhaustion attacks in a single sustained offensive, increasing mitigation complexity and attacker's chance for success 20% increase over last year COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 8

DDoS Continues to Evolve Application-layer Attacks 30% increase of enterprises that experienced application-layer attacks in 2017 Web services and DNS continue to dominate application-layer attacks COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 9

Attacks type seen by Service Provider COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 10

A Frequent, Painful Problem EGE DDoS Attack Frequency 60% 10% 12% 4% 13% 1 10 ATTACKS IN L AST 12 MONTHS 11 20 ATTACKS IN LAST 12 MONTHS 21 50 ATTACKS IN LAST 12 MONTHS 51 100 ATTACKS IN LAST 12 MONTHS 100+ ATTACKS IN LAST 12 MONTHS Data Center Service Affecting Attacks 51 100 Source: NETSCOUT Arbor 11 20 21 50 0 2X percentage of enterprises reporting 100+ DDoS attacks/year over the previous year 5% 9% 5% 9% 78% of data center operators experienced between 1 and 20 service-affecting attacks 73% 1 10 COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 11 Source: NETSCOUT Arbor

Across All Business Types Not Just The Usual Suspects Weaponization of botnets and cheap DDoS for hire services threaten all business types These same verticals are driving demand for DDoS services Cloud and IoT are having an impact 22% of ISPs see attacks originating from on-net IoT 36% see attacks targeting cloud services, up from a quarter COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 12

Consequences Are Rising for Data Center Drives Interest at C-Level Data Center DDoS Cost 45% 40% 35% 30% 33% 39% As the operational and financial of impact of DDoS attacks increase, so too does executive-level interest in availability protection 25% 20% 15% 11% 11% Over half of respondents see an impact of $10-100K, double the proportion from 2016 10% 5% 0% 6% Nearly half of organizations report customer churn Less than $10,000 $10,000 to $25,000 $25,000 to $50,000 $50,000 to $100,000 $100,000 to $100,000,000 Source: NETSCOUT Arbor COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 13

Consequences Are Rising for Enterprise Drives Interest at C-Level Reputation / brand damage top business impact of an attack, operational expenses second 2X reporting revenue loss from DDoS attacks in 2017 77% report DDoS part of business or IT risk assessments 12% see costs of over $100K, a 5x increase from last year COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 14 60% 50% 40% 30% 20% 10% 0% Business Impacts of DDoS Attacks 57% Reputation/ brand damage Source: NETSCOUT Arbor 42% Increased operational expense 32% 30% Revenue loss Specialized IT security remediation and investigation services 25% Loss of customers Loss of executive or senior management 11% Extortion payments Increase in cybersecurity insurance premium Stock price fluctuation 9% Regulatory penalties and/or fines

Threats & Concerns Enterprise, Government & Education Ransomware #1 threat and #1 concern DDoS #2 threat and #3 concern APT #2 concern, only experienced by 15% COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 15

Threats & Concerns Service Provider DDoS attacks represent top threat observed and equally concerning Infrastructure outages reclaims second spot Compromise of Mgmt. Networks is far concern than observed last year COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 16

The DDoS battle - Detection COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 17

The DDoS battle - Mitigation COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 18

Attack Motivations Enterprise, Government, & Education COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 19

Attack Motivations Service Provider COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 20

Operational Security Lack of resources & difficulty hiring and retaining skilled personnel top concerns for building effective operational security team 23% of SP report security teams of 30+ vs.14% of EGE COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 21

SDN & NFV Proportion of SP with SDN or NFV in production has doubled over previous year Operational Concerns, Interoperability, and Cost leading barriers to SDN / NFV COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 22

Survey Demographics 45% Enterprise Government & Education 55% Service Providers COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 23

Thank You. Contact: cfchui@arbor.net www.netscout.com COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 24

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback