News

Survey Points to Concerns Over 'Hacktivist' Attacks

An industry-produced survey suggested that Web site attacks motivated by political considerations may be on the rise.

Most distributed denial-of-service (DDoS) attacks were attributed to political or ideological reasons, according to respondents in a report recently published by Arbor Networks. Thirty-five percent of survey respondents to Arbor Networks' annual Worldwide Security Infrastructure Report, released Feb. 7, said ideology or politics is the most common motivating factor for attacks, followed by vandalism at 31 percent.

At the same time, confidence in law enforcement to deal with the issue is at an all-time low. Only 21 percent of respondents were confident that law enforcement entities could help. Most -- nearly 74 percent of respondents -- do not refer security breaches to authorities. While respondents cited a range of reasons for not alerting law enforcement, one was that many attacks originate from foreign locations.

Similarly, 73 percent of respondents are concerned that governments are not doing enough to protect critical network infrastructure. On the positive side, 88 percent of respondents welcome greater government involvement with operational security incident response and 66 percent are actively engaged with their respective national or regional Computer Emergency Readiness Team (CERTs) and/or Computer Security Incident Response Teams (CSIRTs). Some respondents weren't involved simply because no national or regional organization of this type exists in their area.

The survey also found the scope and number of attacks on the rise. There was a significant increase in flood-based DDoS in the 10 Gbps range, indicating that large flood-based attacks have gone "mainstream" and DDoS will be a routine attack method, noted the report.

Sophisticated application-layer (Layer 7) DDoS attacks are commonplace and complex multi-vector DDoS attacks with both flood-based and application-layer attack components are rapidly increasing.

New DDoS tools "have empowered anyone with an Internet connection to launch DDoS attacks. This has profound implications for any business operating online. The risk of attack is now exponentially greater than in the recent past, commanding the need for a layered defense strategy in the enterprise," according to a company press release on the survey.

Respondents are seeing IPv6 DDoS attacks for the first time on their networks, which the report described as "a significant milestone in the arms race between attackers and defenders."

"Even many of the less sophisticated tools have Remote Access Trojan functionality to perform password theft, download and execute other malware, sniff keystrokes and other malicious activities," said Curt Wilson, a member of Arbor's Security and Engineering Response Team.

"In addition to the threats to confidentiality, actual incidents have shown that simple flooding tools such as a host booter can take down enterprise-class firewalls from either side of the firewall due to state table exhaustion."

The company surveyed 114 individuals from around the world. All were directly involved in their organization's network security operations.

Featured

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus