Frequency and Complexity of DDoS Attacks is Rising; Defenders Turn to Automation and Managed Services for Support

NETSCOUT Publishes 13th Annual Arbor Worldwide Infrastructure Security Report

BURLINGTON, Mass.--()--NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT), a leading provider of business assurance, a powerful combination of service assurance, cybersecurity, and business intelligence solutions, today released its 13th Annual Arbor Worldwide Infrastructure Security Report (WISR) offering direct insights from network and security professionals at the world’s leading service provider, cloud/hosting and enterprise organizations.The report covers a wide range of topics, from distributed denial-of-service (DDoS) attacks and major industry trends such as SDN/NFV and IPv6 adoption to key organizational issues such as incident response training, staffing and budgets. Its focus is on the operational challenges network operators face daily from cyberthreats and the strategies adopted to address and mitigate them.

Attackers focused on complexity this year, leveraging weaponization of IoT devices while shifting away from reliance on massive attack volume to achieve their goals. They have been effective, and the proportion of enterprises experiencing revenue loss due to DDoS nearly doubled this year, emphasizing the significance of the DDoS threat,” said Darren Anstee, chief technology officer, NETSCOUT Arbor. “The results of the WISR, together with our ATLAS data, demonstrate why an integrated multi-layer defense from the data center to the cloud is required.”

THREAT LANDSCAPE: The exploitation of IoT devices and innovation from DDoS attack services are leading to more frequent and complex attacks.

  • Size: Fifty-seven percent of enterprises and 45 percent of data center operators saw their internet bandwidth saturated due to DDoS attacks.
  • Frequency: There were 7.5 million DDoS attacks in 2017, according to data from NETSCOUT Arbor’s Active Threat Level Analysis System (ATLAS) infrastructure which covers approximately one-third of global internet traffic. Service provider respondents experienced more volumetric attacks while enterprises reported a 30 percent increase in stealthy application-layer attacks.
  • Complexity: Fifty-nine percent of service providers and 48 percent of enterprises experienced multi-vector attacks, a 20 percent increase over last year. Multi-vector attacks combine high volume floods, application-layer attacks and TCP-state exhaustion attacks in a single sustained offensive, increasing mitigation complexity and attackers’ chances for success.

CONSEQUENCES: Successful DDoS attacks are having greater operational and financial impact.

  • Fifty-seven percent cited reputation/brand damage as the main business impact, with operational expenses second.
  • Fifty-six percent experienced a financial impact between $10,000 and $100,000, almost double the proportion from 2016.
  • Forty-eight percent of data center operators said customer churn was a key concern following a successful attack.

DEFENSE: Network and security teams, the guardians of the connected world, are challenged by an active and complex threat landscape, as well as persistent staffing issues.

  • Eighty-eight percent of service providers utilize Intelligent DDoS Mitigation Solutions and 36 percent utilize technology that automates DDoS mitigation. Increased investment in specialized tools automation is driven by the sheer number of attacks faced in service provider networks.
  • Attack frequency is also driving demand for managed security services. Thirty-eight percent of enterprises relied on third-party and outsourced services, a jump from 28 percent the previous year. Only 50 percent carried out defensive drills, and the proportion of respondents carrying out drills at least every quarter fell 20 percent.
  • Fifty-four percent of enterprises and 48 percent of service providers have difficulty hiring and retaining skilled personnel.

Additional Resources

  • Download the full report here (registration required).
  • Register for the NETSCOUT Arbor webinar series for a deeper dive on the WISR key findings.
  • Visit the NETSCOUT Arbor blog for insight on various aspects of the report.
  • Like us on Facebook and follow @ArborNetworks on Twitter for more key findings.

Survey Scope & Demographics

  • The WISR survey data is based upon 390 responses from a mix of Tier 1, Tier 2 and Tier 3 service providers, hosting, mobile, enterprise and other types of network operators from around the world.
  • Two-thirds of all respondents identify as security, network or operations professionals.
  • Report includes data regarding observed events in 2017 and projections for the coming year.

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) assures digital business services against disruptions in availability, performance, and security. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility, and insights customers need to accelerate, and secure their digital transformation. Our approach transforms the way organizations plan, deliver, integrate, test, and deploy services and applications. Our nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. Arbor security solutions protect against DDoS attacks that threaten availability, and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers, or in the cloud, and how NETSCOUT’s performance and security solutions, powered by service intelligence can help you move forward with confidence, visit or follow @NETSCOUT and @ArborNetworks on Twitter, Facebook, or LinkedIn.

Safe Harbor
Forward-looking statements in this release are made pursuant to the safe harbor provisions of Section 21E of the Securities Exchange Act of 1934 and other federal securities laws. Investors are cautioned that statements in this press release, which are not strictly historical statements, including without limitation, the statements related to the benefits and features of Arbor’s portfolio of solutions, constitute forward-looking statements which involve risks and uncertainties. Actual results could differ materially from the forward-looking statements due to known and unknown risk, uncertainties, assumptions, and other factors. For a more detailed description of the risk factors associated with NETSCOUT, please refer to NETSCOUT’s Annual Report on Form 10-K for the fiscal year ended March 31, 2017 and NETSCOUT’s subsequent Quarterly Reports on Form 10-Q, which are on file with the Securities and Exchange Commission. NETSCOUT assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein.

©2018 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor Networks, the Arbor Networks logo, ATLAS, InfiniStream, InfiniStreamNG, nGenius, and nGeniusONE are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.


Kevin Whalen, 781-362-4377

Release Summary

NETSCOUT Arbor released its 13th Annual Worldwide Infrastructure Security Report (WISR) offering insights from network and security professionals.


Kevin Whalen, 781-362-4377