Business Innovation Homepage > Governance
The top security concerns of Internet service providers are botnets and professional-level distributed denial-of-service attacks, according to a survey of 70 ISPs.
InformationWeek
September 28, 2007
Botnets and distributed denial-of-service attacks are the biggest security concerns for Internet service providers, according to a new study.
Arbor Networks, a network security company, and the University of Michigan released the results of the third annual Worldwide Infrastructure Security Report this week. After surveying 70 ISPs on the security issues facing Internet backbone operators, the team reported that 73% of Tier One and Tier Two ISPs and cable operators think they're doing a good job battling the bad guys.
However, the battles keep changing.
This year, the ISPs report that their top security concern is dealing with the growing number of botnets that are buffeting the Internet with spam, phishing attacks, and denial-of-service (DoS) attacks. And the ISPs aren't allow in their fears. According to the FBI, because of their widely distributed capabilities, the government considers botnets a growing threat to national security, the national information infrastructure, and the economy.
The foundation of a botnet is built when hackers and malware writers conspire to infect computers around the world with viruses and Trojans that allow them to remotely control the victim machines. Then they amass thousands or hundreds of thousands of these zombie computers, creating great armies—or botnets—of them. Most of the owners of the zombie machines don't even know they have been infected or that their machines are being controlled by someone else.
The problem seen as the second biggest operational threat is the distributed denial-of-service attacks that these botnets are increasingly launching. These attacks were at the top of ISPs' concern list last year.
The ISPs noted in the survey that the big DDoS attacks appear to have gone pro. Arbor's analysts noted that while mid-level DDoS attacks have plagued the Internet since 2000, survey respondents said they've seen a widening gap between common mid-level "amateur" attacks and multi-gigabit "professional" efforts involving tens of thousands of zombie hosts.
This news comes out as the massive Storm worm botnet gains size and increasingly launches DoS attacks. Researchers' estimates as to the size of the botnet vary wildly, ranging from 1 or 2 million up to as many as 50 million. Whatever the exact size, security professionals say the botnet herders are in a position to launch highly damaging attacks because the botnet is so large and dispersed.
Adam Swidler, a senior manager with security company Postini, said in an earlier interview with InformationWeek that if the Storm worm bosses focused a denial-of-service attack on a company, Internet service provider, or government agency inside the United States, it could do a great deal of damage. "I think there's no question they could damage any single company, whether through a DoS attack or a spam barrage," he said.
Danny McPherson, Arbor Networks chief research officer, said in a statement that this is not the time for ISPs to become overly confident about their defenses. "One thing we know about cyber criminals is that they adapt and look for weaknesses," he said. "When it comes to network security, complacency should never be part of the equation."
The study also showed that only 20% of ISPs surveyed currently have specific tools or mechanisms to monitor and detect threats against voice over IP services. This, according to Arbor, points to a vulnerability that service providers need to address in the coming months.
Click here for more Governance articles
|
