I’ve still got a lot more to read in Arbor Networks’ annual “Worldwide Infrastructure Security Report,” released on Jan. 26, which weighs in at over 100 pages, but I’ve already run across several interesting results from their survey:
- The largest distributed denial of service (DDoS) attack reported this year was 500 gigabits per second (Gbps), with other attacks of 450 Gbps, 425 Gbps and 337 Gbps reported. Obviously, those were withering attacks, presumably against service providers (because who else has that much bandwidth?).
- The trend of substantial growth in the peak bandwidth consumed by DDoS attacks continues. Last year, 20 percent of service providers reported attacks over 50 Gbps. This year, nearly one-quarter reported peak attack volume over 100 Gbps.
- The proportion of respondents reporting attacks against application-layer protocols continued to increase, up to 93 percent this year, from 90 percent last year and 86 percent in 2013.
And, hitting close to home for Infoblox: “The most common service targeted by application-layer attacks is DNS this year.”
Finally, there is testament to the fact that IPv6 has arrived as a protocol: “Nine percent of respondents indicate they have witnessed IPv6 DDoS attacks. This is a significant increase over the 2 percent seen in previous iterations of this survey.”
Given these clear trends, it’s obvious we need to keep working to build DNS infrastructure that both resists DDoS attacks and can’t easily be co-opted into participating in them. Technologies including anycast and Response Rate Limiting can help. See my recent article in InfoWorld for details.