Costs and impacts of DDoS attacks studied
- Published: Monday, 23 April 2018 08:19
DDoS attacks can cost enterprises up to $50,000 (£35,000) per attack – but lost revenue is still only considered to be the fourth most damaging consequence of this type of cyber attack, according to research published by Corero Network Security.
The Corero research surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors. An overwhelming number of respondents (91 percent) said that individual DDoS attacks can cost their organizations up to $50,000 in terms of lost business, the cost of mitigating attacks and lost productivity. In addition, 69 percent indicated that their organization experiences between 20-50 DDoS attack attempts per month – equivalent to roughly one attack per day.
But despite this high figure, the vast majority of respondents (78 percent) cited the loss of customer trust and confidence as the single most damaging effect on business of DDoS attacks. The second most ranked threat was the risk of intellectual property theft, followed by the threat of malware infection associated with a DDoS attack. Lost revenue was only considered to be the fourth most damaging consequence.
Ashley Stephenson, CEO at Corero Network Security, explains: “DDoS attacks can have an immediate and damaging impact on a company’s bottom line, both in terms of lost revenue and the costs incurred in terms of manpower required to mitigate attacks. Not all DDoS attacks will cost an organization $50,000, but having your website taken offline can damage customer trust and confidence. It will also impact the ability of sales teams to acquire new customers in increasingly competitive markets. These attacks cause lasting damage to a company’s reputation and could have negative consequences for customer loyalty, churn and corporate profits.”
The research also highlights the growing complexity of DDoS attacks, and their capacity to act as a distraction for more serious network incursions. The great majority of those surveyed (85 percent) believe that DDoS attacks are used by attackers as a precursor or smokescreen for data breach activity. In addition, 71 percent reported that their organization has experienced a ransom-driven DDoS attack.
Participants also viewed DDoS attacks as more of a concern in 2018 than in the past. The clear majority (83 percent) cited the proliferation of unsecured Internet of Things (IoT) devices as the top reason for this concern, closely followed by the association between DDoS and data breach activity. DDoS attacks are also becoming more complex to mitigate, with more than 15 employees typically involved in diffusing the threat when an attack strikes, according to two-thirds of respondents (66 percent).
The Corero research surveyed a total of 327 security professionals worldwide from a range of industries including financial services, cloud, government, online gaming and media sectors. The research was conducted online between January and March 2018.