Arbor Networks has released their 2016 Worldwide Infrastructure Security Report. The report is an analysis of responses from a variety of network operators regarding current threats and concerns. For the first time, the survey asked enterprise, government and education organizations to estimate the cost of network downtime as related to a distributed denial-of-service (DDOS) attack. Most survey respondents skipped the question, leading the report’s authors to conclude that this may have indicated “they do not have a method to quantify the cost impact associated with the loss of Internet connectivity.”  Almost two-thirds of those who did respond estimated the costs as being above $500/minute. 

A distributed denial-of-service (DDoS) attack is an attempt to render a website or network unavailable. These attacks utilize numerous computers to direct a large volume of superfluous traffic to the target, either slowing down or forcing the target offline by overwhelming its resources. The report indicates that the scale of such attacks is growing, as the volume of the largest reported attack was 500 Gigabits-per-second (a single gigabit is about 125 megabytes). Others reported attacks of 425 Gbps and 337 Gbps. In the 11 years this survey has been conducted, the largest attack size has “grown more than 60x.” 

The report’s authors also note that the primary motivation for DDoS attacks this year “was not hacktivism or vandalism but ‘criminals demonstrating attack capabilities,’ something typically associated with cyber extortion attempts.” In the past year, ransomware and extortion attempts seem to be a growing trend with regards to cybercriminality. As reported by ZDNet, “Swiss CERT in October warned local hosting providers of extortion DDoS attacks from a hacker group, which would typically launch a demo DDoS attack alongside a corresponding demand for payment in Bitcoin. Failure to pay would result in a subsequent DDoS attack.”

Additional findings include growth in the scale of DDoS attacks across the board, as nearly a quarter of respondents indicated peak attack sizes of over 100 Gbps. Furthermore, 56 percent of respondents reported “multi-vector attacks that targeted infrastructure, applications and services simultaneously.” We don’t typically reprint marketing copy, but Arbor Networks’ claim that the report finds a “Relentless Threat Environment Driving Demand for Managed Security Services,” is in keeping with their findings and sounds almost poetic.