Released on January 26, the Arbor Networks 11th Annual Worldwide Infrastructure Security Report shed light on the growing size and complexity of cyber attacks. Worldwide, 354 respondents reported from government and educational organizations, healthcare providers, hosting providers, mobile communications industries, and more. The survey uncovered the following five trends, which are likely to persist into 2016 and beyond.

iStock_000042348230_SmallA change in motivation for DDoS attacks. Many criminals want to demonstrate their capabilities – most likely to be associated with cyber extortion attempts. This was a big change over prior years, in which “hacktivism” or vandalism seemed to be primary motivating factors.

DDoS Attacks are growing larger. The largest reported DDoS (Distributed Denial of Service) attack was 500 Gbps, with attacks over 300 Gbps very common. That means the size of attacks has multiplied more than 60 times since this annual study began eleven years ago.

DDoS attacks are becoming more complex. Multi-vector attacks that target infrastructure, applications, and services were up 42 percent from the previous year. Ninety-three percent of respondents reported application-layer DDoS attacks, which are now more commonly seen in DNS services rather than HTTP.

Cloud systems are attacked more often. Thirty-three percent of respondents experienced an attack targeting their cloud-based system last year, up from 19 percent two years ago.

Firewalls are failing during DDoS attacks. More than half of respondents said their firewalls failed as a result of a DDos attack. Firewalls are increasingly becoming the first casualties in complex DDoS attacks.

Clearly, cyber criminals are not slowing their efforts to develop increasingly malicious methods of attack. So what are survey respondents doing to address the problem? Because many industries lack the internal resources to manage security risks, 50 percent of respondents said they have contracted with an outside organization for incident response.

That’s a great plan, but as the saying goes: An ounce of prevention is worth a pound of cure. Rather than contracting with a support service after an attack has already transpired, businesses should seek outside help before there is a problem. Contact us at 888-RING-MY-TECH, and we can help to safeguard your system and prevent attacks from occurring.