Last week Corero released the results of our annual DDoS Impact Survey, which polled technology decision makers, network operators and security experts about key DDoS issues and trends that Internet service providers and businesses face in 2016.
Nearly half (45%) of the survey participants indicated that loss of customer trust is the most damaging consequence of DDoS attacks to businesses. Additionally, 34% of survey participants said lost revenue was the worst effect. Sadly that is not surprising, as network or website service availability is crucial to ensure customer trust and satisfaction, and vital to acquire new customers in a highly competitive market. When an end user is denied access to Internet-facing applications or if latency issues obstruct the user experience, it immediately impacts the bottom line.
Certainly, DDoS attacks get the most attention when a firewall fails, service outage occurs, a website goes down or customers complain. But companies should be concerned about DDoS attacks even when the attacks are not large-scale, volumetric attacks that saturate a company’s network and associated server infrastructure. Industry research, as well as our own detection technology, shows that cyber criminals are increasingly launching low-level, small DDoS attacks.
The problem with such attacks is two-fold: small, short-duration DDoS attacks still negatively impact network performance, and—more importantly, such attacks often act as a smokescreen for more malicious attacks. While the network security defenses are degraded, logging tools are overwhelmed and IT teams are distracted, the hackers may be exploiting other vulnerabilities and infecting the environment with various forms of malware. Small DDoS attacks often escape the radar of traditional scrubbing solutions. Many organizations have no anti-DDoS systems in place to monitor DDoS traffic, so they are not even aware that their networks are being attacked regularly.
The survey also asked participants about their current methods of handling the DDoS threat; nearly one third (30%) of respondents rely on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. Those companies are very vulnerable to DDoS attacks because it’s well documented that traditional security infrastructure products aren’t sufficient to mitigate DDoS attacks.
An overwhelming majority (85%) of respondents indicated they believe upstream Internet Service Providers should offer additional security services to their subscribers to remove DDoS attack traffic completely. Furthermore, 51% responded that they would be willing to pay their Internet Service Provider(s) for a premium service that removes DDoS attack traffic before it is delivered to them, and 35% indicated they would allocate 5-10% of their current ISP spend to subscribe to this type of service. Clearly there is market demand for protection services from Internet Service Providers, and organizations are willing to pay for a service that protects them from DDoS attacks.
To see the rest of the survey results, download our infographic here.