Study: DDoS Attacks Continue to be a Significant Security and Business Concern

DDoS stands for is “Distributed Denial of Service”. DDoS attacks are even as old as the modern internet itself.

A study has revealed that distributed denial of service or DDoS attacks continues to have a devastating impact on businesses, costing an organization as much as $2.5 million in revenue on average.

According to the May 2017 DDoS and Cyber Security Insights Report by Neuster, an information services firm, a staggering 84% of organizations polled admitted to being targeted by DDoS attacks this past year. These attacks do not discriminate and are sweeping in the way they attack every industry sector, with the number of attacks increasing 15% in 2016.

Over 1,000 Information security officials around the world were polled with 43% of those admitting that over $250,000 of revenue per hour was at risk due to DDoS attacks. UK retailers pegged a figure between $100,00 to $250,000 of revenue an hour at risk from DDoS attacks.

The survey also discovered that attacks greater than an eye-popping 10 gigabits per second (Gbps) were up 11% on the previous year to 45% of all attacks. Nearly half of organizations targeted by DDoS attacks added that they had been struck by these attacks over five times. In a concerning admission, those polled added that DDoS detection and response times were slowing down instead of speeding up.

For instance, only 23% of organizations polled said they were able to detect and respond to DDoS attacks in under an hour. That’s a 5% decline in the number of organizations from last year and a 3% decline for those responding within an hour. Less than a third, or 29% of those polled said they were able to respond in 1-2 hours, also representing a decline of 4% from last year.

Tellingly, this means that nearly half, or 48% of organizations polled, take at least three hours or more to respond to DDoS attacks.

IoT-driven DDoS attacks are an emerging attack method that are pushing the limit in DDoS traffic, unlike any other vector before.

Deborah Clark-McGinn, a senior executive at Neustar stated:

What most organisation have in place [to deal with DDoS attacks] is not enough, especially in the face of new and emerging attack methods. Most organisations have some sort of DDoS protection in place, yet 90% [of those polled] are investing more than they did a year ago, and 36% think they should be investing even more.

The most notable IoT-based attack made headlines in 2016 when DNS provider Dyn was hit by an attack that peaked around 1.2 Tbps (terabits-per-second).

Image credit: Pixabay.