The percentage of software-as-a-service and third-party data center and cloud services that were attacked tripled between 2017 and 2018, according to NetScout's 14th Annual Worldwide Infrastructure Security Report, which was released this week.
NetScout based its research on a survey of its own customers, including network and security professionals and IT decisionmakers from enterprise and service providers around the world. The focus was on daily challenges from network-based threats and the steps taken to stop and mitigate them.
The number of attacks against SaaS services jumped from 13% in 2017 to 41% last year. Third-party data center and cloud attacks rose from 11% to 34% during the same time period, the report says.
Pointing to the increased attacks against cloud-based infrastructure, 2018 saw the first distributed denial of service (DDoS) attack that reached the 1 Tbps size. It was followed up, days later, by a 1.7 Tbps attack.
The dynamics as well as the size of DDoS attacks are changing. While the number of attacks actually declined 4% globally (to a total of 6.13 million), the size and complexity increased. The maximum size of the attacks rose 273%, with 91% of respondents saying that the attack saturated their internet bandwidth.
Thirty-six percent experienced multivector DDoS attacks. And the attention that DDoS attackers are paying to cloud-based services is steadily rising—from 25% of attacks in 2016 to 33% in 2017 and 47% last year.
The good news is that the security ecosystem is responding.
"When the Worldwide Infrastructure Report (WISR) was launched 14 years ago, 10 Gbps attacks made headlines and took networks down," the report says. "Today, attacks 40 times that size are routinely mitigated with little to no disruption to online services."
An indirect indicator of the proactivity of the industry is that 94% of encrypted traffic was attacked in 2018, almost twice as much as the year before. The assumption is that attacks on better-protected data wouldn't be growing if attackers had easier targets. Though progress is steady, 92% of respondents want operational security processes simplified, with component and workflow integration topping the wish list.
The average downtime cost of an attack was $221,836; Germany had the highest ($351,995) and Japan the lowest ($123,026).