DDoS Attacks: Affordable for Cybercriminals, Costly for Victims

It may be a news flash to some people, that cybercrime and online fraud are incredibly cheap commodities. Since 2017, analysts from Flashpoint have been conducting surveys of the Deep and Dark Web, to find out how much cybercriminals charge for their various illicit services, ranging from selling lists of social security numbers, fake passports and other personal identity information, to DDoS-for-hire services which can be used to easily launch damaging Distributed Denial of Service attacks. For cybersecurity professionals, the survey results are neither surprising nor comforting.

According to the Flashpoint report, DDoS-for-hire services typically cost as little as $10-25 per hour, but “The most expensive per hour DDoS attack rates include attacks on government, military, or bank websites; the costs for such services typically range from $100 to $150 USD per hour.”  The price of renting a DDoS botnet, “ranges from $1 to $100 USD and varies upon bandwidth and duration. This pricing is noticeably higher than 2017 when the high end of the range was $27.”

That’s dirt cheap, folks. Though the price may have risen slightly over two years, it’s still much too easy and inexpensive for anyone with the motivation to launch a damaging DDoS attack at a target of their choice. That’s one reason why attacks are now so common. But, just because they’re cheap doesn’t mean they’re not sophisticated and increasingly difficult to mitigate. Certainly, in recent years the attacks have become much more sophisticated, using automated and multi-vector attacks that make them impossible to thwart with human observation and manual intervention, even for trained security analysts.  These attacks are often stealthy and sub-saturating in nature, making them increasingly difficult to distinguish from regular traffic without dedicated DDoS protection solutions in place.

The High Costs of an Unmitigated DDoS Attack

Launching a DDoS attack is relatively easy and inexpensive, but their impact is costly. Attacks lead to downtime or, at the very least, reduced responsiveness of the targeted applications and services. Organizations that are the victim of a DDoS attack typically suffer damage to their brand reputation, as well as loss of customer trust, and revenue. And, organizations incur additional costs in terms of the manpower required to mitigate and recover from those attacks. Furthermore, in Europe, for example, the GDPR and NIS legislation has significantly increased the risk of punitive fines for organizations that can’t demonstrate adequate efforts to avoid outages to critical services.

How Businesses Can Respond

What are the risks of DDoS attacks for organizations? Certainly, some industries are more likely than others to be attacked: gaming, financial services, hosting providers and Internet service providers are commonly targeted. However, many other organizations are attacked, and it’s generally difficult, if not impossible, to figure out who launched an attack or why. Organizations that believe they are not being targeted by DDoS attacks, would be wise to invest in specialist DDoS network visibility tools, to take a closer look.

Increasingly, organizations must view DDoS protection as an investment in risk management, to maintain business continuity, and protect their bottom line. To successfully detect and mitigate DDoS attacks, large and small, it’s necessary to have an automated, always-on DDoS mitigation solution.

Readers may download the full Flashpoint report here.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s diverse deployment models, click here.  If you’d like to learn more, please contact us.

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry, to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s previous roles include network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.