DDoS attacks are on the rise and can have a damaging impact on a company’s bottom line, both in terms of lost revenue and the costs incurred in terms of manpower required to mitigate attacks. To investigate this problem, Corero surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors, which revealed that DDoS attacks are costing enterprises up to $50,000 (£35,000) per attack.
Yet despite this figure, lost revenue was still only considered to be the fourth most damaging consequence of this type of cyber-attack. Most respondents cited the loss of customer trust and confidence as the single most damaging effect on business of DDoS attacks. This is because DDoS attacks can impact the ability of sales teams to acquire new customers in increasingly competitive markets and cause lasting damage to a company’s reputation. In turn this usually has negative consequences for customer loyalty, churn and corporate profits.
DDoS As a Smokescreen
The second most damaging threat revealed by the survey was the risk of intellectual property theft, followed by the threat of malware infection associated with a DDoS attack. Indeed, the majority of respondents believed that DDoS attacks are being used by attackers as a precursor or smokescreen for data breach activity. Incidents like the infamous Carphone Warehouse attack remind us of the dangers of enterprise IT teams being distracted by DDoS attacks, while hackers take advantage of degraded network security to exploit other vulnerabilities for financial gain.
When hackers use DDoS attacks as a smokescreen, they typically use low-volume, short duration attacks that are designed not to outright deny service but to distract from their alternative motives. In addition to service outages, latency and downtime, short attacks allow cyber-criminals to test for vulnerabilities within a network. Considering the huge liability that organizations can face in the event of a data breach, IT teams must be proactive in defending against the DDoS threat and monitor closely for such malicious activity on their networks.
The IoT problem
The majority of respondents reported that their organization experiences between 20 and 50 DDoS attack attempts a month; equivalent to roughly one attack per day. Unsurprisingly, participants in the survey also viewed DDoS attacks as a bigger concern in 2018 than in the past, primarily due to the rise of insecure connected devices and the association between DDoS and data breach activity. Indeed, with the increased availability of cyber-attack tools and their capabilities, hackers can compromise IoT devices and enslave them into a botnet for use in DDoS attacks. For example, this year we’ve seen a new Mirai botnet known as Reaper which is reported to be targeting the financial sector. Reaper has been used to launch some of the largest botnet attacks since the infamous DDoS attack against DNS provider Dyn in October 2016 including those that hit three Dutch banks in January.
What’s next for DDoS?
With multi-vector attacks being the norm, DDoS attacks are becoming more complex to mitigate. The survey results indicate that more than 15 employees are typically involved in diffusing the threat when an attack strikes. In recent months we have also witnessed new records being set for the size of DDoS attacks, as cyber-criminals exploited the Memcached amplification attack vector to headline-grabbing effect. This has ushered in a new chapter in terms of DDoS attacks and made Terabit-scale events a reality.
As a result, any revenue and/or reputation sensitive organization with an online presence must take steps to ensure they are prepared for today’s DDoS attacks. The most effective way to defeat these threats is with always-on DDoS protection that can detect and mitigate the attacks in real-time.
For more information, please contact us.