Arbor Networks

ITNewsAfrica logo

Latest News       Profile      Arbor Networks Website       Contacts       IT News Africa

linkedin   twitter icon   facebook



Arbor Networks' 12th Annual Worldwide Infrastructure Security report finds attacker innovation

and IoT exploitation fuel DDoS attack landscape


JOHANNESBURG – January 26, 2017 – Arbor Networks, the security division of NETSCOUT, has released its 12th Annual Worldwide Infrastructure Security Report (WISR) offering direct insights from network and security professionals at the world’s leading service provider, cloud/ hosting and enterprise organisations.

The report covers a comprehensive range of issues from threat detection and incident response to managed services, staffing and budgets. Its focus is on the operational challenges Internet operators face daily from network-based threats and the strategies adopted to address and mitigate them.

This year’s report shows the stakes have changed for network and security teams. The threat landscape has been transformed by the emergence of Internet of Things (IoT) botnets.

As IoT devices proliferate across networks, bringing tremendous benefits to businesses and consumers, attackers are able to weaponise them due to inherent security vulnerabilities. This year’s report goes in-depth, covering how attackers exploit and recruit IoT devices, how IoT botnets enabled by Mirai source code operate and offers practical advice on how to defend against them.

The largest distributed denial-of-service (DDoS) attack reported this year was 800 Gbps, a 60 percent increase over 2015’s largest attack of 500 Gbps. This proves that not only are DDoS attacks getting larger, but they are also becoming more frequent and complex.

This increased scale and complexity has led more businesses to deploy purpose-built DDoS protection solutions, implement best practice hybrid defences and increase time for incident response practice – all positive developments in an otherwise gloomy threat environment.

“The survey respondents have grown accustomed to a constantly evolving threat environment with steady increases in attack size and complexity over the past decade,” says Darren Anstee, chief security technologist at Arbor Networks. “However, IoT botnets are a game changer because of the numbers involved. There are billions of these devices deployed and they are being easily weaponised to launch massive attacks. Increasing concern over the threat environment is reflected in the survey results, which show significant improvements in the deployment of best practice technologies and response processes.”

Key findings
Innovation and exploitation fuel DDoS attack landscapeThe emergence of botnets that exploit inherent security weaknesses in IoT devices and the release of the Mirai botnet source code have increased attacker ability to launch extremely large attacks.

Scale: The massive growth in attack size has been driven by increased attack activity on all reflection/ amplification protocols, and by the weaponisation of IoT devices and the emergence of IoT botnets.

  • Since Arbor began the WISR in 2005, DDoS attack size has grown 7,900 percent, for a compound annual growth rate (CAGR) of 44 percent.
  • In the past five years alone, DDoS attack size has grown 1,233 percent, for a CAGR of 68 percent.

Frequency: The chances of being hit by a DDoS attack have never been higher, with respondents showing increased rates of attack.

  • 53 percent of service providers indicated they are seeing more than 21 attacks per month – up from 44 percent last year.
  • 21 percent of data centre respondents saw more than 50 attacks per month, versus only eight percent last year.
  • 45 percent of enterprise, government and education respondents experienced more than 10 attacks per month – a 17 percent year over year increase.

Complexity: Multiple simultaneous attack vectors are increasingly being used to target different aspects of a victim’s infrastructure at the same time. These multi-vector attacks are popular because they can be difficult to defend against and are often highly effective, driving home the need for an agile, multi-layer defence.

  • 67 percent of service providers and 40 percent of Enterprise, Government and Education (EGE) reported seeing multi-vector attacks on their networks.

Consequences of DDoS attacks are becoming clear: DDoS attacks have successfully made many leading web properties unreachable – costing thousands, sometimes millions, of dollars in revenue. This has led the C-suite and company boards to make DDoS defense a top priority.

  • 61 percent of data centre operators reported attacks totally saturating data centre bandwidth.
  • 25 percent of data centre and cloud providers saw the cost of a major DDoS attack rise above $100,000, and five percent cited costs of over USD1 million.
  • 41 percent of EGE organisations reported DDoS attacks exceeding their total Internet capacity. Nearly 60 percent of EGE respondents estimate downtime costs above USD500/minute.

More appreciation of risk leads to better behaviour: This year’s survey results indicate a better understanding of the brand damage and operational expense of successful DDoS attacks, driving focus on best-practice defensive strategies.

Across the board, in every industry, there has been an increase in the use of purpose-built DDoS protection solutions and best practice methods.

  • 77 percent of service provider respondents are capable of mitigating attacks in less than 20 minutes.
  • Nearly 55 percent of EGE respondents now carry out DDoS defence simulations, with approximately 40 percent carrying them out at least quarterly.
  • The proportion of data centre and cloud provider respondents that are using firewalls for DDoS defence has fallen from 71 percent to 40 percent.

“The fact that DDoS attacks have increased in size and the massive threat of bandwidth saturation should be of concern to all African organisations and organisations operating in the region as this region has not been immune to DDoS threats but has witnessed a steep increase in attacks. We are fortunately seeing an increased interest in DDoS detection and mitigation services in the territory,” adds Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.

The WISR survey data is based upon 356 responses from a mix of Tier 1, Tier 2 and Tier 3 service providers, hosting, mobile, enterprise and other types of network operators from around the world. Two-thirds of all respondents identify as security, network or operations professionals, and data covers November 2015 through to October 2016.

Ten percent of the WISR survey’s respondents are headquartered in the Middle East and Africa, and 23 percent of respondents operate a network in these regions.

For more information about Arbor in Africa, please contact Bryan Hamman at

About Arbor Networks
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business.
To learn more about Arbor products and services, please follow us on Twitter @ArborNetworks. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.
Trademark Notice: Arbor Networks, the Arbor Networks logo and ATLAS are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners.

Networks Unlimited, Chriselna Welsh, +27 (0) 11 202 8400,
icomm, Debbie Sielemann, +27 (0) 82 414 4633,, www.icomm-






Home    About Arbor Networks     Website



ITNewsAfrica logo

Download Button