Managed security software vendor Arbor Networks released the results of its second-annual Worldwide Infrastructure Security Report earlier this week. The survey of 55 service providers from around the world found that distributed denial-of-service (DDoS) attacks, and in particular botnet-related DDoS attacks, continue to rise, along with the resources that service providers are directing toward these problems. The company in timely fashion also announced the latest version of its Peakflow security software.

Danny McPherson, chief research officer at Arbor, said service providers are reporting they are experiencing larger-capacity attacks beyond their existing backbone capacity, and that new, more resilient and harder-to-remove botnets are merging. "When there is a 10 Gb/s attack on a 1 Gb/s connection, service providers are going to experience collateral damage along their infrastructure," he said.

Attacks on revenue-generating systems and on VoIP infrastructure are also among the growing attack trends. IP multimedia subsystem components could be likely targets in the near future. The somewhat good news is that service providers are deploying detection and attack mitigation measures more actively than they ever have before. However, despite the growing problem, McPherson said that surprisingly less than 2% of the average 40 customer-impacting attacks occurring each month are reported to law enforcement authorities.

"You can imagine that the number of attackers that actually get prosecuted is a magnitude or two lower than that," he said. The reasons for not reporting vary from unwanted bad press to the simple fact that hundreds of thousands of botnets could come from myriad sources around the world, making it hard to do something about the offenders.

McPherson said it would help if service providers communicated with one another about the source of botnet attacks, and didn't just stop their mitigation efforts at their own network entry points, as most of them do now.

On the product end, Arbor is trying to do its part for threat mitigation, having announced this week Version 3.5 of its Peakflow security platform. New features in this version including further visibility and security for MPLS VPNs, which many more service provider customers are beginning to adopt. Also, Arbor is introducing a single-console approach for Peakflow, allowing centralized management of detection and mitigation efforts. Rakesh Shah, senior product manager at Arbor, said, "Reducing the time to resolution is the main thing we are trying to do."