Only 29 Percent of Respondents Confident in Ability to Moderate DDoS
Impact, According to New Study Conducted by the Ponemon Institute
SAN JOSE, Calif.–(BUSINESS WIRE)–A10
Networks (NYSE: ATEN) today unveiled findings of a new study
demonstrating that global communications service providers, whose
businesses are predicated on continuous availability and reliable
service levels, are struggling to fend off a growing number of
Distributed Denial of Service (DDoS) attacks against their networks. A
lack of timely and actionable intelligence is seen as a major obstacle
to DDoS protection, according to the study.
The A10 Networks study conducted by the Ponemon Institute highlights the
critical need for DDoS protection that provides higher levels of
scalability, intelligence integration, and automation. Some 325 IT and
security professionals at ISPs, mobile carriers and cloud service
providers participated in the survey.
According to the report, entitled “The State of DDoS Attacks Against
Communications Service Providers,” these service providers have major
concerns with DDoS resilience readiness with only 29 percent of
respondents confident in their ability to launch appropriate measures to
moderate attacks. DDoS attacks targeting the network layer are the most
common form of attack—and the most dangerous to their business,
according to respondents. These attacks flood the network with traffic
to starve out legitimate requests and render service unavailable. As a
result, service providers say they face a variety of consequences, the
most serious being end-user and IT staff productivity losses, revenue
losses and customer turnover.
85 percent of survey respondents expect DDoS attacks to either increase
(54 percent) or remain at the same high levels (31 percent). Most
service providers do not rate themselves highly in either prevention or
detection of attacks. Just 34 percent grade themselves as effective or
highly effective in prevention; 39 percent grade themselves as effective
or highly effective in detection.
The DDoS intelligence gap was highlighted by a number of survey findings:
Lack of actionable intelligence was cited as the number-one barrier to
preventing DDoS attacks, followed by insufficient personnel and
expertise, and inadequate technologies.
Out-of-date intelligence, which is too stale to be actionable, was
cited as the leading intelligence problem, followed by inaccurate
information, and a lack of integration between intelligence sources
and security measures.
Solutions that provide actionable intelligence were seen as the most
effective way to defend against attacks.
The most important features in DDoS protection solutions were
identified as scalability, integration of DDoS protection with cyber
intelligence, and the ability to integrate analytics and automation to
improve visibility and precision in intelligence gathering.
Communications service providers who rated their DDoS defense
capabilities highly were more likely to have sound intelligence into
global botnets and weapon locations.
“Communications service providers are right, both in their expectations
for increased attacks and about their need for better intelligence to
prevent them,” said Gunter Reiss, vice president, marketing at A10
Networks. “The continuing proliferation of connected devices and the
coming 5G networks will only increase the potential size and ferocity of
botnets aimed at service providers. To better prepare, providers will
need deeper insights into the identities of these attack networks and
where the weapons are located. They also need actionable intelligence
that integrates with their security systems and the capacity to automate
At the same time, many service providers see DDoS protection as a
managed service as a significant business opportunity, with a majority
(66 percent) of providers saying they were either delivering DDoS
scrubbing services or planning to do so. However, the high cost of
delivering these services using legacy solutions and making them
profitable was seen as a major impediment. Service providers are being
forced to find modern approaches that can scale defense in a profitable
Other key findings include:
DDoS is seen as the most difficult type of cyber attack to deter,
prevent and contain.
Cybercriminals who use DDoS attacks to extort money are considered the
biggest risk to service providers, followed by those who use DDoS
attacks as a smoke screen for some other cyber attack.
The network is significantly more likely to be attacked than other
layers of a service provider’s infrastructure, such as the application
and device layers.
A majority of respondents say they do not have actionable intelligence
into DDoS-for-hire botnets or DDoS weapon locations around the world
to help them protect their networks.
In partnership with A10 Networks, the Ponemon Institute conducted a
survey of 325 IT and IT security practitioners in the U.S. who work for
internet service providers, mobile or cloud service providers and are
familiar with their organizations’ defenses against DDoS.
Meet A10 Networks at Upcoming Events
Europe – London, June 4-6
Visit stand F285 to learn
about the company’s latest product enhancements and hear company
representatives speak at this session: Automated
Defenses for DDoS – June 6 at 2:30 p.m. GMT
State of DDoS Attacks Against Service Providers – Tuesday,
On Tuesday, June 11, 2019, 12:00 p.m. ET / 5:00 p.m.
GMT, A10 Networks is participating in a webinar that provides an
overview of the current state of DDoS attacks. Jim Hodges, principal
analyst from Heavy Reading, Dr. Larry Ponemon, the founder of the
Ponemon Institute and Paul Nicholson, senior director, product marketing
at A10 Networks, will provide deeper insight into the key findings of
this report and the implications for service providers. Register here.
Security and Risk Management Summit – National Harbor, MD,
Visit booth 939 and hear company representatives
speak at this session: The State of DDoS Weapons and Applying Zero-day
Automated Protection – June 19 at 10:45 a.m. ET
A10 Networks Q1
DDoS Weapons report
detection and mitigation with Thunder® TPS
- Visit our blog
Follow us on Social Media
About A10 Networks
A10 Networks (NYSE: ATEN) provides Reliable Security Always™, with a
range of high-performance application networking solutions that help
organizations ensure that their data center applications and networks
remain highly available, accelerated and secure. Founded in 2004, A10
Networks is based in San Jose, Calif., and serves customers globally
with offices worldwide. For more information, visit: www.a10networks.com and @A10Networks.
The A10 logo, A10 Networks and Reliable Security Always are trademarks
or registered trademarks of A10 Networks, Inc. in the United States and
other countries. All other trademarks are the property of their