Netscout released its 14th Annual Worldwide Infrastructure Security Report called “Cloud in the Crosshairs”. It delivers insights from a global survey of network, security, and IT decision makers across enterprise and service provider organizations in the USA, Canada, Brazil, UK, Germany, France and Japan. Its focus is on the operational challenges they face daily from network-based threats and the strategies adopted to address and mitigate them. One of the major findings from this year’s report is that SaaS, cloud services, and political targets drew increased attacker attention in 2018. Also, companies tend to use outsourced services in order to maintain their cybersecurity.
Among the key findings of the report is the increased amount of cybersecurity attacks of the public sector. According to the researchers this fact is not surprising given the highly charged political environment on a global scale. Past reports showed that financial services, e-commerce, and gaming customers were at the highest risk of attack. Now, in 2018, it was government customers at 60%, significantly up in comparison to 2017 – 37%.
“DDoS has long been a tool for online protests, thanks to the combination of increasingly sophisticated DDoS for-hire attack services and free attack tools that enable anyone with basic online skills to launch an attack. As political instability increases around the world, expect DDoS to continue to be used as a form of protest”, the report says
Since service providers are using more intensively cloud-based services to enterprises and consumers, it is logical that attackers now target these services with DDoS attacks . The report shows a significant jump over the past three years – from 25% in 2016, 33% in 2017 to 47% in 2018.
This situation suggests the consequences witnessed in the past 3 years – service providers increasingly turn to third-party (outsourced) services. Approximately 1/3 of enterprises outsource at least a part of their security operation – up with 12% in comparison with 2017. As mentioned in the report:
“This highlights once again the global challenges organizations face to build and maintain an internal security team of skilled practitioners, and their reliance on outsourcing to address the issue.”
Furthermore, 39% of respondents state they expect to increase their investment in outsourced services in the next 12 months. Darren Anstee, chief technology officer at Netscout, said:
“Businesses have invested in new tools and technologies to deal with new threats, but this hasn’t resulted in a reduction in risk. Companies are waking up to the fact that they need a well-integrated security stack and a consistent view across their virtual, physical and cloud resources. In leaning on outsourced security professionals, businesses are identifying the shortfalls of their internal processes and capabilities and are moving to address risk in the only way they can. There is nothing wrong with this strategy, as long as businesses are clear that they still own the underlying risk.”
Another key finding is that companies’ cybersecurity is mostly put at risk from inside, i.e. by employees. 43% of respondents said that their firewall and/or IPS contributed to an outage during a DDoS attack. Malicious insiders also posed a threat, as more than a quarter of respondents indicated their organization experienced an attack by a malicious insider in 2018. France had the highest number at 37.5%, while Japan was lowest at 13.8%.