DDoS attacks are a greater security threat to businesses in 2017 than ever before, and internet service providers (ISPs) need to do something about it according to a new survey of IT security professionals and network operators released today from Corero Network Security.
The annual study polled top technology decision makers and security experts at the 2017 RSA Security Conference last month in San Francisco, CA. This year’s survey found that the majority (56%) of the nearly 100 respondents view DDoS attacks as greater and graver concern in 2017 than in previous years.
>See also: DDoS attacks now a priority with UK law enforcement, says cybercrime unit chief
This elevation of risk comes at a time when DDoS attacks continue to increase in frequency, scale and sophistication over the last year. 31 percent of IT security professional and network operators polled in this year’s survey experienced more DDoS attacks than usual in recent months, with 40% now experiencing attacks on a monthly, weekly or even daily basis.
To alleviate this problem, 85% are now demanding additional help from their ISPs to block DDoS traffic before it reaches them.
The findings follow reports in the UK that Britain’s National Cyber Security Centre (NCSC) is putting pressure on ISPs to rewrite Internet standards around spoofing, in order to reduce the volume of DDoS attack traffic on their networks.
Dr Ian Levy, technical director at NCSC, has called for ISPs to make changes to the border gateway protocol (BGP) and Signalling System 7 (SS7) standards, in order to halt the re-routing of traffic used in simple, volumetric DDoS attacks.
“Organisations that once had DDoS protection projects on the back burner are now re-prioritising their security strategies to place DDoS mitigation at the forefront in 2017. As new, large scale attacks have come online leveraging IoT devices, the DDoS threat has become top of mind for CISOs. This shift in precedence puts increased pressure on Internet and cloud providers to enable this protection for their customers, and eliminate DDoS threats closer to the source.” said Rob Ayoub, research director at IDC.
>See also: DDoS attacks: why size isn’t everything
Ashley Stephenson, CEO at Corero Network Security, said, “ISPs have long carried the burden of defending their own network against DDoS attacks, but as the threat landscape has changed, so must their response. Providers will likely find themselves at an important crossroads during the next year, as pressure builds on them from both customers and governments to address the growing DDoS problem. By accepting a greater responsibility for defending their customers and networks against DDoS attacks, ISPs could modernize their security service offerings and increase customer satisfaction – in contrast, ignoring this call to action could open up the possibility of future regulatory controls related to DDoS protection.”
The Corero study found that a worrying 58% of security professionals are still relying on ‘home grown’ open source solutions, or traditional security infrastructure like firewalls, to protect themselves against DDoS attacks.
Just more than a third (36%) are adopting cloud-based solutions, including scrubbing centres, and an additional 35% are using on-premises DDoS mitigation products.
While the vast majority (85%) believe their ISP should be dealing with the DDoS problem for them, as part of their service, almost half (46%) indicated they would be prepared to pay an additional fee to have DDoS traffic removed before it reaches their network.
>See also: How to improve your DDoS defence
Of those who were willing to pay their ISP for such a premium service, almost three quarters (74%) would consider spending up to a quarter of their total ISP spend to eliminate this threat.
Stephenson continued: “There is clearly a valuable business benefit for ISPs to position themselves as leading the charge against DDoS attacks, both in protecting their own infrastructure and enabling them to offer more comprehensive security solutions to their customers, as a paid-for managed service. DDoS attacks are becoming more frequent, more complex and more significant, so it is not surprising that so many security teams would rather outsource the solution to this important problem to their ISP.”
The Corero study also examined what was perceived to be the most worrying impact of DDoS attacks on victim organisations. The biggest risk factor, which was cited by almost half of the respondents (45%), was the potential for loss of customer trust and confidence.
Lost revenues were also a serious concern (cited by 17%), while malware infection was also seen as a potential problem.