Distributed denial of service (DDoS) attacks against Australian targets grew in intensity and a growing share of attacks is originating inside the country rather than outside of it, new research from Arbor Networks has found.The security firm’s 10th Annual Worldwide Infrastructure Security Report found that the largest DDoS attack in Australia during 2014 peaked at 77Gbps, during August.That was a fraction of the record 400Gbps attack observed worldwide last year, but a volume that Arbor Networks country manager told CSO Australia was “very much consistent with the global trend” as increasing use of reflection and amplification-based attacks helped DDoS perpetrators significantly boost the scope and effectiveness of their DDoS attacks.Significantly, around 15 percent of the attacks Arbor recorded came from within Australia rather than outside of it, as has traditionally been the case in the past. “At the beginning of the year we saw some of those amplification attacks growing, but there were continued attacks throughout the year,” Race explained. “With the advent of better broadband networks, we’re now getting some firepower capable of doing this in Australia.”Some 65 percent of all DDoS attacks were volumetric flood-based attacks, focused on generating as much traffic as possible. Many organisations’ security defences were overwhelmed by the increasing DDoS volumes, with 35 percent of organisations reporting that their firewall or intrusion prevention systems had failed due to a DDoS attack. Sheer volume wasn’t the only defining characteristic of the DDoS analysis, however: a growing number of attacks were being targeted not just at random IP addresses, but focused specifically as layer-7 attacks on particular applications.Such attacks are now “ubiquitous”, the analysis concluded, noting that 20 percent of all service providers and 29 percent of enterprises reported attacks targeting the application layer.Web-related applications were common targets, with 81 percent of enterprise respondents reporting application-layer attacks against HTTP and 58 percent reporting attacks against HTTPS and DNS.Not only were DDoS perpetrators changing their method of attack, Race warned, but many were beginning to use DDoS attacks “as a diversionary tactic” to mask other malicious activities.“There will be increasing sophistication this year, where some of the advanced threats are going to be blended with DDoS,” he explained.This would be particularly concerning for cloud infrastructure providers, he said, noting that their exposure to online bandwidth availability could potentially make DDoS attacks particularly damaging. The problem was getting big enough, particularly with the uptick in domestic DDoS attacks, that cloud-based service providers would increasingly need to bolster their offerings with anti-DDoS capabilities.“Cloud services are quite vulnerable to DDoS attack,” Race said. “As organisations outsource to the cloud, they need to make sure the cloud provider they select is one that’s capable of dealing with DDoS attacks.”“It’s becoming a differentiator for cloud service providers to say that they not only offer cloud services, but offer cloud services with DDoS protection. As we go more and more online, downtime becomes a business cost.”This article is brought to you by Enex TestLab, content directors for CSO Australia. Upcoming IT Security EventsFeb 3rd,Feb 4th,Feb 6th 2015Join @NirZuk #PaloAltoNetworks for Breakfast (lunch in Auckland)on keeping your enterprise safe from risk. Cyber attacks continue to increase in volume and sophistication leaving traditional security practices completely ineffective.Register Today Seats are limitedMarch 3rd, March 5th, March 9th 2015Join CSO for the day@#csoperspectives and hear from @kimzetter @LeviathanSec3 International Keynote speakers, 36 Key IT Security Industry Speaker, 21 Exhibitors, Security Analysts and many more..Register todayDont miss one of the biggest IT Security events in ANZ (registration is free, but seats are limited) Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe