For the first time botnets have leapfrogged distributed denial-of-service (DDoS) attacks as the top operational threat to internet service providers (ISPs), new figures suggest.

According to an Arbor Networks report the gap between “amateur” attacks and more sophisticated coordinated threats using thousands of bot hosts has widened.

The annual study also shows that more than three-quarters of ISPs do not have tools in place to detect threats against voice over IP (VoIP).

“One thing we know about cyber criminals is that they adapt and look for weaknesses,” said Danny McPherson, Arbor Networks chief research officer in a statement. “When it comes to network security, complacency should never be part of the equation.”

The figures show that more than a third of ISPs offer a DDoS managed security service, with another third planning to roll out such services in the next two years.

The study surveyed ISPs from Europe, Asia and the US.