Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Security Trends LACNOG 2011 Julio Arruda LATAM Engineering Manager.

Published byClara Butler Modified over 8 years ago

Similar presentations

Presentation on theme: "Internet Security Trends LACNOG 2011 Julio Arruda LATAM Engineering Manager."— Presentation transcript:

1 Internet Security Trends LACNOG 2011 Julio Arruda LATAM Engineering Manager

2 Page 2 - Company Confidential 2010 Infrastructure Security Survey  6 th Annual Survey  Survey conducted in September – October 2010  Diversity – Service providers – Content/ASPs – Enterprises – Broadband – Mobile – DNS – Educational

3 Page 3 - Company Confidential Key Findings of the Survey  Threat severity and complexity continue to increase – Attack size increases dramatically, impacting underlying network infrastructure – Application layer attacks continue with some new applications being targeted more frequently.  The Threat-to-Defense gap is the widest observed to date – DDoS attack capabilities of miscreants are outpacing the defensive measures taken by network service providers  Firewall and IPS equipment represents critical points of failure during DDoS attacks  Mobile network growth is a game changer – availability of limitless botnets with greater bandwidth and few network control points  New technologies affect fragility of Internet Infrastructure

4 Page 4 - Company Confidential DDoS Attack Sizes Over Time  Over 102% increase YOY in attack size shows resurgence of brute force and volumetric attack techniques  Internet providers have focused on application threats so miscreants turned back towards attacking network capacity

5 Page 5 - Company Confidential Application Layer Attacks  Application detection is becoming common place – 77% of respondents have successfully detected application layer attacks – Lynchpin service infrastructure remain top targets – Application attacks are advancing to more sophisticated services

6 Page 6 - Company Confidential Attack Frequency and Targets  Attack frequency is increasing – 69% of respondents see at least 1 DDoS attack per month – 35% of respondents see 10 or more DDoS attacks per month compared to 18% in 2009  Customers or services comprise 90% of targeted victims – Major collateral events are less common, but drive greater impact

7 Page 7 - Company Confidential Failure of Firewall and IPS in the IDC  Nearly half of all respondents have experienced a failure of their firewalls or IPS due to DDoS attack

8 Page 8 - Company Confidential Mobile Provider Security Posture  Roughly 50% report security problems with mobile subscribers  Mobile respondents demonstrate poor visibility into compromised hosts – 56% have no visibility into scale of compromised handsets – Optimistically, 17% say that there are none in the network – And 13% operators say at least 5% of customer base is compromised  Majority use NAT, firewalls and ACLS – 47 to 60%  DDoS mitigation and SMS filtering less common

9 Page 9 - Company Confidential Mobile Security Incidents  More than half of carriers have had outages in last year due to security incidents!  79% of mobile respondents say they have not had a DDoS attack explicitly targeting their infrastructure – Over 50% admit they have limited network visibility – How many DDoS events are they having that they simply don’t know about?  Mobile operators are more concerned about DNS, AAA, Mail attacks than fixed line providers  70% compared to 58% in fixed line

10 Page 10 - Company Confidential DNSSEC Threats  24% of respondents have deployed DNSSEC  Already 25% have experienced or expect problems and 31% expect increase in amplification attacks

11 Page 11 - Company Confidential The IPv6 Security Arms Race  Vendors and network operators are rushing to introduce IPv6 visibility and security as networks scale up

12 Page 12 - Company Confidential  As in 2010 most monitored attacks still small in 2011 :  78.5% less than 1Gb/sec (down from 93% in 2009 and 79% in 2010)  63.5% less than 1Mpps (down from 94% in 2009 and 87% in 2010)  Average size of attacks, Smaller Attacks Still Make up the Majority  Less than 1Gb/sec:  2010 is 197.41Mbps / 307.72Kpps  2011 is 332.1Mbps / 739.2Kpps  Less than 1Mpps:  2010 is 558.96Mbps / 228.139Kpps  2011 is 599.2Mbps / 335.7Kpps

13 Page 13 - Company Confidential  Average monthly attack size since start of 2009.  Average attack is 1.31Gbps / 1.62Mpps, July 2011 Attack Sizes have Grown Steadily since 2009  Average attacks sizes have grown by 40.6% / 165.7% since start of 2010

14 Page 14 - Company Confidential  Proportion of monitored attacks over 10Gb/sec has dropped by 48% so far in 2011. Large packet per second attacks increasing  Proportion of monitored attacks over 10Mpps has increased by 98.4% so far in 2011, compared to 2010.

15 Page 15 - Company Confidential  In 2009, 19.6% of monitored attacks targeted port 80.  In 2010 this had increased to 31%, and so far in 2011 we are at 37.3%. Increased Proportion of Attacks Targeting Port 80  Attacks targeting fewer ports  80 and 53 most prevalent.  75% drop in proportion of attacks over 10Gb/sec, from 2010 – still 47% up from 2009.

16 Page 16 - Company Confidential  Proportion of monitored attacks over 10Gb/sec fell back at the start of the 2011.  Growing again now. Proportion of Attacks Over 10Gbps and 10Mpps  Spikes in number of attacks over 10Mpps in March and July.  March = Belize Attacks

17 Page 17 - Company Confidential ATLAS LATAM Specifics 2010

18 Questions? Thank You! Julio Arruda jarruda@arbor.net

Download ppt "Internet Security Trends LACNOG 2011 Julio Arruda LATAM Engineering Manager."

Similar presentations

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.
EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU 12-2011.

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU
David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.

David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
1 © Aberdeen Group 2013 – Not For Distribution ™ Meeting the Rising Challenge of Modern Networks.

1 © Aberdeen Group 2013 – Not For Distribution ™ Meeting the Rising Challenge of Modern Networks.
SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
Attackers Vs. Defenders: Restoring the Equilibrium Ron Meyran Director of Security Marketing January 2013.

Attackers Vs. Defenders: Restoring the Equilibrium Ron Meyran Director of Security Marketing January 2013.
Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.

Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.
2011 Infrastructure Security Report 7 th Annual Edition CE Latinamerica Carlos A. Ayala

2011 Infrastructure Security Report 7 th Annual Edition CE Latinamerica Carlos A. Ayala
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Check Point DDoS Protector June 2012.

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Check Point DDoS Protector June 2012.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.

SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.
© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Tribal Telecom 2015.

© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Tribal Telecom 2015.
(ISC) 2 2015 Global Information Security Workforce Study (GISWS) Results U.S. Federal Government.

(ISC) Global Information Security Workforce Study (GISWS) Results U.S. Federal Government.
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
Arbor Multi-Layer Cloud DDoS Protection

Arbor Multi-Layer Cloud DDoS Protection
Arbor Networks solutions

Arbor Networks solutions
Jak zwiększyć bezpieczeństwo i wysoką dostępność aplikacji wg

Jak zwiększyć bezpieczeństwo i wysoką dostępność aplikacji wg
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Mediacom. More Than Cable Mediacom is the nation’s 8 th largest cable company Brings broadband to community anchor institutions, including school districts,

Mediacom. More Than Cable Mediacom is the nation’s 8 th largest cable company Brings broadband to community anchor institutions, including school districts,

Similar presentations

Ads by Google