Security attacks on software services jumped in 2018, says NetScout

The average downtime cost of an attack was $221,836; Germany had the highest ($351,995) and Japan the lowest ($123,026). (iStockPhoto)

The percentage of software-as-a-service and third-party data center and cloud services that were attacked tripled between 2017 and 2018, according to NetScout's 14th Annual Worldwide Infrastructure Security Report, which was released this week.

NetScout based its research on a survey of its own customers, including network and security professionals and IT decisionmakers from enterprise and service providers around the world. The focus was on daily challenges from network-based threats and the steps taken to stop and mitigate them.

The number of attacks against SaaS services jumped from 13% in 2017 to 41% last year. Third-party data center and cloud attacks rose from 11% to 34% during the same time period, the report says.

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

Pointing to the increased attacks against cloud-based infrastructure, 2018 saw the first distributed denial of service (DDoS) attack that reached the 1 Tbps size. It was followed up, days later, by a 1.7 Tbps attack.

RELATED: Two-thirds of DDoS attacks take aim at communications service providers

The dynamics as well as the size of DDoS attacks are changing. While the number of attacks actually declined 4% globally (to a total of 6.13 million), the size and complexity increased. The maximum size of the attacks rose 273%, with 91% of respondents saying that the attack saturated their internet bandwidth.

Thirty-six percent experienced multivector DDoS attacks. And the attention that DDoS attackers are paying to cloud-based services is steadily rising—from 25% of attacks in 2016 to 33% in 2017 and 47% last year.

The good news is that the security ecosystem is responding.

"When the Worldwide Infrastructure Report (WISR) was launched 14 years ago, 10 Gbps attacks made headlines and took networks down," the report says. "Today, attacks 40 times that size are routinely mitigated with little to no disruption to online services."

An indirect indicator of the proactivity of the industry is that 94% of encrypted traffic was attacked in 2018, almost twice as much as the year before. The assumption is that attacks on better-protected data wouldn't be growing if attackers had easier targets. Though progress is steady, 92% of respondents want operational security processes simplified, with component and workflow integration topping the wish list.

The average downtime cost of an attack was $221,836; Germany had the highest ($351,995) and Japan the lowest ($123,026).

Suggested Articles

China Mobile tapped into Huawei's 10G PON technology to demonstrate a dual gigabit broadband service that features both wired and wireless broadband.

Orange Business Services announced on Friday that it has launched a think-tank lab to gauge the impact of new technologies on human resources.

MEF is aligning key components this year to help operators orchestrate their services across SDN and NFV-based networks.