Enterprise’s demand better DDoS protection from ISPs

20 April 2016 |


A new survey reveals the scale at which ISPs are putting their enterprise customers at risk of DDoS attacks.

The vast majority of enterprise end users want their Internet Service Providers (ISPs) to offer more comprehensive DDoS protection-as-a-service, according to the report. Of those responding to the report 85% thought that present support was poor.

The report concludes that ISPs need to start urgently updating their networks or their market share will start to shrink.

The research carried out by Corero Network Security, polled over 100 ISPs and 75 enterprise customers about their DDoS mitigation strategies. The research revealed that an alarming proportion of ISPs are still relying on outdated technologies to protect their customers. For example, 46% divert DDoS traffic through a scrubbing centre – an expensive and notoriously slow technique which typically takes around an hour from detection to mitigation. 

In addition, 49% of those surveyed said they ‘blackhole’ a victim’s traffic when they suffer a DDoS attack – which essentially does a hacker’s job for them, by denying service to a particular website.

In addition, nearly a tenth of the ISPs and hosting providers surveyed (9%) have such poor visibility over their customers’ networks that they only realize a DDoS attack is taking place when their customers complain.

Dave Larson, COO at Corero Network Security, explains: “Given this situation, it’s no wonder that enterprise customers are demanding better DDoS protection. Using yesterday’s tools to mitigate today’s attacks may save ISPs costs in the short-term, but it also puts their customers at greater risk of suffering a DDoS attack. According to a recent Kaspersky Lab report, DDoS attacks cost large enterprises an average of $444,000 USD in lost revenues and IT spending. For any organisation which relies on the Internet to conduct business, the fiscal fallout from a DDoS attack can be exponential. 

“This also represents an important capacity issue for ISPs. Rather than using up spare bandwidth by re-routing malicious traffic to a scrubbing centre, ISPs need to learn to ‘sweat their assets’ by mak-ing their existing pipes work more effectively. This can be done by engaging an in-line DDoS mitigation tool which detects malicious traffic at the network edge, and stops it in its tracks.”

Despite their current practices, 80% of ISPs saw a business opportunity in providing enhanced DDoS mitigation-as-a-service to their customers.  More than half - 51% - also rated DDoS defenses as more important than other types of security defenses for their customers. 

However, ISPs are prevaricating because they do not want to pass the additional costs to their customers. When asked about their reasons for not providing a more robust type of DDoS defense, over half, 51%, of ISPs say that their customers expect to receive clean pipes as part of their service and would balk at paying a fee. 

However, given the inadequacies of the techniques currently being utilized, these expectations are unlikely to be met in the event of a DDoS attack. A smaller segment - 37% - suggested that they don’t believe their customers are concerned with the impact of DDoS attacks – which is clearly at odds with the financial and reputational risks involved. 

Larson said, “Telecoms providers are missing a trick here, by selling on cost not quality. They have a golden opportunity to create valuable new revenue streams by providing a cleaner, more reliable pipe for their customers by adopting an always-on, in-line DDoS mitigation system. The industry is placing rising premiums on keeping data secure and their networks free from malicious actors, so ISPs can either use this as an opportunity to modernize their services and generate new channels for revenue, or risk a slow shrinking of their customer base.”

The full executive summary of the report can be accessed here:

https://pages.questexweb.com/DDOSImpact.html