DDoS attacks are becoming more effective at causing downtime
Disruptive cyber-attacks are becoming more effective at breaching security defences, causing major disruption and even bringing down systems for whole working days, according to a new global study from BT.
The research reveals that 41 percent of organizations globally were hit by Distributed Denial of Service (DDoS) attacks over the past year, with more than three quarters of those (78 percent) targeted twice or more in the year.
DDoS attacks are seen as a key concern by more than a third of UK organizations (36 percent). Globally the worry is even greater, with almost twice as many organizations naming the attacks a key concern (58 percent).
The new study explores the attitudes to and preparedness for DDoS attacks of IT managers from organizations in eleven countries and regions around the world. It reveals that despite the growing concern over the attacks, only about half of UK organizations (49 percent) have a response plan in place. Less than one in 10 UK decision makers (eight percent) strongly believe they have sufficient resources in place to counteract an attack.
DDoS attacks can cause major disruption for organizations; they can take down an organization’s website, overwhelm a data centre or generally cause networks to grind to a halt and become unusable. They are also increasingly becoming more complex and difficult for organizations to fend off.
Nearly two thirds (59 percent) of those polled agree that DDoS attacks are becoming more effective at subverting their organization’s IT security measures. Attackers are often adopting hybrid, or multi-vector, attack tactics which involve attacks through multiple platforms. These have increased by two fifths (41 percent) during the past year.
Multi-vector attacks pose increased complexity and risk as they involve multiple attack methods deployed simultaneously. These often require a dedicated mitigation team to track and combat the threat across multiple fronts, as automated systems are less likely to be able to offer adequate protection.
Mark Hughes, president of BT Security, said: “DDoS attacks have evolved significantly in the last few years and are now a legitimate business concern. They can have a damaging effect on revenues and send an organization into full crisis mode. Reputations, revenue and customer confidence are on the line following a DDoS attack, not to mention the upfront time and cost that it takes an organisation to recover following an attack. Finance, e-commerce companies and retailers in particular suffer when their websites or businesses are targeted.”
“Organizations need a higher level security solution to protect not only the network infrastructure but the devices that initially provide protection.”
Unsurprisingly, organizations see an increase in customer complaints when their network systems go down after a DDoS attack. Respondents said customer complaints and queries jumped by an average of 36 percent.
The impact that DDoS attacks can have on organizations is felt in the length of time it takes them to recover from their most severe attack. On average, organizations take 12 hours to fully recover from an especially powerful attack – longer than an entire working day. In the UK, more than half of IT decision makers (58 percent) admit that DDoS attacks have brought down their systems for more than six hours – almost a full working day.
The research was undertaken by Vanson Bourne for BT in May 2014. 640 interviews were carried out with IT decision makers in medium to large sized organizations (1000+ employees) across eleven countries and regions – UK, France, Germany, US, Spain, Brazil, Middle East, Hong Kong, Singapore, South Africa and Australia – and in a range of sectors including finance, retail and public sector.
•Date: 2nd July 2014 • World •Type: Article • Topic: ISM