The Stakes Have Changed, Have You?

Arbor’s 2016 Worldwide Infrastructure Security Report (WISR for short)

increased ddos attacks
Sean Brady

You’ll note a new image on our home page today with the headline “The Stakes Have Changed, Have You?” This is a new focus for our DDoS solution and part of the new look and feel of the Arbor website.

What do I mean by “the Stakes Have Changed?” Take a look at this eye-popping chart which can be found on page 24 of Arbor’s 2016 Worldwide Infrastructure Security Report (WISR for short):

Survey Peak Attack Size

The key takeaway from this chart is that within the past 5 years (really since 2012), Arbor has seen a dramatic spike in the size of volumetric DDoS attacks; a trend we continue to witness in both size and frequency.

Now, it’s easy for us to select data published in our own annual report and waive it around as if to say “Look, Ma, the Stakes Have Changed!” But that’s not going to meet our standard for the purposes of this discussion. Let’s pull another piece of data, this time with credit going to the good folks at av-test.org.

Total Malware
Source: https://www.av-test.org/en/statistics/malware/

 

Notice any familiar elements to the trend lines? This hockey-stick spike in malware over the past decade is telling. DDoS attacks are largely perpetrated by infected computers participating in a botnet, communally driving traffic toward identified targets. While not all malware drives DDoS attacks, the correlation is clear – the spike in DDoS attacks happens to coincide with an explosive spike in the volume of malware in existence. More worrisome, the trend in malware is not one you would expect to drop in subsequent years – the growth curve may smooth out, but it’s not going to decline. The stakes are changing, what is the ripple effect this may cause?

It’s easy to cherry-pick charts and data which show spikes in recent years, particularly in the security industry. The reality is that in security everything’s connected. Malware begets detection solutions which beget new variants to beat the solutions which beget etc. etc. etc., until all of the sudden you have a massive spike in both the threats and the number of solutions available to fight the threats. But, that’s a blog for another day – what I think is more interesting are the facts outside of security which reinforce the narrative:

Growth in IoT
Source: https://www.ncta.com/platform/broadband-internet/behind-the-numbers-growth-in-the-internet-of-things-2/

 

The National Cable & Telecommunications Association (NCTA) for sure has a stake in forecasting the number of devices connecting to the internet in the coming years – their members will be obligated to carry the increased volume of traffic, for starters. But to connect it to our conversation of the moment, there’s our hockey stick again. In this context, we all need to take away the point that Billions of devices are going to be newly dependent on the Internet in the coming years – all relying on the availability and reliability of the networks. The stakes are changing as our responsibilities change.

One more, just to drive the point home:

Again, the spike over the past decade (or less) –  this time reflecting the global nature of how the stakes are changing. The key element here is these are smartphone users – smartphone users consume data over the Internet via applications to fulfill some sort of consumer- or business-oriented need. The mobility and accessibility of smartphones demand the constant availability of the resources, and raises the consequence in the event of an outage due to increased population of users.

So, simultaneously we have two macro trends evolving along very similar arcs: The number of people, devices, and reasons for using the Internet are spiking at the same time as the threats to these devices and the scale and frequency of attack. Unless you believe one of these indicators are suddenly going to reverse themselves, then we face a future of threats rising in parallel to the increasing obligation to maintain availability of internet resources. Thus our question: If the stakes are changing, how are you evolving to respond? What are you and your organization doing differently to prepare for a future that the data tells us in undeniably going to look different than today?

Check out Arbor’s 20 Years of DDoS infographic for a look back at the news headlines and the increasing size of attacks through the years.