DDoS attacks can cost enterprises $50,000 (£35,000) per attack – but lost revenue is still only considered to be the fourth most damaging consequence of this type of cyber-attack, according to research published today by Corero Network Security (LSE: CNS), a leading provider of real-time DDoS defense solutions.
The Corero research surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors. An overwhelming number of respondents (91%) said that individual DDoS attacks can cost their organisations up to $50,000 in terms of lost business, the cost of mitigating attacks and lost productivity. In addition, 69% indicated that their organisation experiences between 20-50 DDoS attack attempts per month – equivalent to roughly one attack per day.
But despite this high figure, the vast majority of respondents (78%) cited the loss of customer trust and confidence as the single most damaging effect on business of DDoS attacks. The second most ranked threat was the risk of intellectual property theft, followed by the threat of malware infection associated with a DDoS attack. Lost revenue was only considered to be the fourth most damaging consequence.
Ashley Stephenson, CEO at Corero Network Security, explains: “DDoS attacks can have an immediate and damaging impact on a company’s bottom line, both in terms of lost revenue and the costs incurred in terms of manpower required to mitigate attacks. Not all DDoS attacks will cost an organisation $50,000, but having your website taken offline can damage customer trust and confidence. It will also impact the ability of sales teams to acquire new customers in increasingly competitive markets. These attacks cause lasting damage to a company’s reputation and could have negative consequences for customer loyalty, churn and corporate profits.”
The research also highlights the growing complexity of DDoS attacks, and their capacity to act as a distraction for more serious network incursions. The great majority of those surveyed (85%) believe that DDoS attacks are used by attackers as a precursor or smokescreen for data breach activity. In addition, 71% reported that their organisation has experienced a ransom-driven DDoS attack.
Ashley Stephenson continues: “A DDoS attack can often be a sign that an organisation’s data is also being targeted by cyber criminals. As demonstrated by the infamous Carphone Warehouse attack, DDoS attacks can be used as a smokescreen for non-DDoS hacking attempts on the network. Hackers will gladly take advantage of distracted IT teams and degraded network security defences to exploit other vulnerabilities for financial gain. Considering the huge liability that organisations can face in the event of a data breach, IT teams must be proactive in defending against the DDoS threat, and monitor closely for malicious activity on their networks.”
Participants also viewed DDoS attacks as more of a concern in 2018 than in the past. The clear majority (83%) cited the proliferation of unsecured Internet of Things (IoT) devices as the top reason for this concern, closely followed by the association between DDoS and data breach activity. DDoS attacks are also becoming more complex to mitigate, with more than 15 employees typically involved in diffusing the threat when an attack strikes, according to two-thirds of respondents (66%).
Ashley Stephenson continues: “In recent months we’ve witnessed new records set for the size of DDoS attacks, as criminals exploited the Memcached amplification attack vector to headline grabbing effect. This has written a new chapter in the DDoS record books and made Terabit-scale attacks a reality. The Memcached vulnerability also exposed additional breach and data corruption risks, as attackers can also exploit these poorly secured servers to steal or temporarily modify customer data.”