SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
It's a game of risk: DDoS attacks intensify in 2017
Wed, 3rd May 2017
FYI, this story is more than a year old

Distributed denial of service (DDoS) attacks are getting larger this year and it's now a game of risk, according to a new report from Neustar.

The global Worldwide DDoS Attacks and Cyber Insights Research Report found that 45% of all attacks were more than 10Gbps and 15% were at least 50Gbps, highlighting a jump that was almost double last year's rate.

In Q1 2017, attacks were going after every industry, with 849 out of 1010 organisations hit. 85% of those attacked were hit more than once.

“With organisations across Asia Pacific being attacked more often and DDoS attacks predicted to become even larger and more complex, IT and business leaders need to evaluate the effectiveness of existing security strategies,” comments Neustar's APAC general manager, Robin Schmitt.

Across Asia Pacific, 48% of organisations were attacked between 2-5 times. Those attacks are costing an average peak hourly revenue loss of at least $250,000.

49% of organisations are also taking an average of three hours to detect an attack and 42% take at least three hours to respond.

What are those DDoS attacks doing on networks? Attackers are focused on distributing malware: 48% of APAC DDoS attacks resulted in virus discovery, 34% activated malware and 15% encountered ransomware.

However, an organisation's customers are taking on DDoS monitoring, with 40% of global respondents saying they'd received attack alerts from customers, a 29% increase in 2016.

99% of global organisations have DDoS protection in place, but the report suggests that there are areas for improvement.

IoT devices are continuing to be a choke point for APAC organisations, as they are reluctant to plan use defences to extend their current security models across IoT devices. Only 35% focus on preventing attacks on IoT.

“The research shows that simply identifying an attack and depending on basic defences is not enough. Organisations in the region need to adopt stronger defences and innovative solutions to more quickly and effectively mitigate the growing risk and likely impact of a major DDoS attack,” comments Schmitt.

Neustar says that while generally Q4 is generally DDoS season, the Q1 attack data shows that the year is off to a fast start. The company says it has tripled its DDoS mitigation network capacity to 3Tbps and will increase to 10Tbps by 2018.