SDN launching quarterly report to help fight cyber threats

Cyber Threat Landscape Report

If your business or organization ever questions the value of good firewall protection, consider this troubling statistic: More than a quarter of all the electronic traffic coming into firewalls that SDN Communications manages is filtered out because the transmissions are malicious or spam.

To be precise, 26 percent of traffic in February 2017 was flagged as problematic and stopped from reaching intended destinations, including clients’ networks.

That’s among the findings in SDN’s recent Cyber Threat Landscape Cybersecurity Intelligence Report. SDN is the premier provider of broadband connectivity and cybersecurity services for businesses in the Sioux Falls region.

SDN will update the free report and distribute it quarterly to businesses and others that want the information. Organizations can use the information to develop and maintain an effective cyber defense strategy.

The report revealed that firewalls are weeding out bad traffic at a high rate. Jake VanDewater, director of network operations at SDN, says the large amount of spam and malicious traffic that's out there underscores the need for good firewall protection at both the cloud and premise level.

The type and frequency of cyberattacks are on the rise, and no business is exempt from the risk, says Mike Klein, a managed services technician.

“If you have something worth building a business around, someone is going to take a poke at it. It’s not a question of if, but when,” Klein says.

DDoS-style hits have become the most common type of attack. DDoS stands for Distributed Denial of Service, an attack in which hackers unleash a large volume of traffic to flood and at least temporarily disable a targeted system or program.

SDN added Managed DDoS Protection to its service offerings in March 2015. Local and national data show attacks continue to trend upward. Findings in the Cyber Threat Landscape report indicate a 174 percent increase in “high alerts” from 2015 to 2016.

The size of the average local attack is what stood out to Theron McChesney, business intelligence specialist at SDN. In 2016, the average attack increased by 117 percent in size to 1.4 Gbps. One gigabit might not seem like a large attack, but it’s big enough to take down most businesses, says McChesney. He helps compile and contribute data for the reports.

“You don’t have to have a large attack to have an effective attack,” he says. “Most businesses don’t have a multi-gigabit connection. And even if they do, they’re still going to notice that a chunk of it’s getting eaten up.”

SDN’s analysis shows most DDoS attacks are less than a gigabit in size and last less than one hour. But the system has recorded attacks of up to 35. On average, SDN detects nine DDoS “high alerts” daily.

DDoS attacks are probably on the rise because they’re cheap to buy on the Dark Web and deployed anonymously. Unethical business rivals and gamers may launch attacks to try to gain an advantage in competition.

On-premise equipment can protect devices against slow, low-level attacks, according to SDN experts. However, high-bandwidth attacks must be mitigated further away, before the bad traffic nears its target. Pairing SDN’s Managed Firewall with its Managed DDoS Protection can provide that dual level of protection for clients.

Businesses should monitor traffic leaving their networks as well as incoming traffic. Bill Tetrault, the supervisor of managed services, points out they need to track outgoing traffic to find threats such as botnets.

Botnets are groups of Internet-connected devices that are infected with malware. Hackers can control the infected equipment externally to carry out DDoS attacks and other types of attacks, without the knowledge of legitimate users.

SDN experts stress the importance of taking a multi-layered approach to protect devices and networks. Going forward, SDN’s Cyber Threat Landscape reports are a tool to help regional businesses develop and maintain an effective cybersecurity strategy.

Visit the Cyber Threat Landscape Report Archive for full access to all of our reports.