The business impacts of DDoS attacks: survey results
- Published: Wednesday, 23 March 2016 10:33
What is the most damaging consequence of DDoS attacks to businesses? Losing the trust and confidence of your customers, according to nearly half of IT security professionals participating in Corero Network Security’s second annual DDoS Impact Survey. The industry study polled technology decision makers, network operators and security experts attending the recent 2016 RSA Conference about key DDoS issues and trends that Internet service providers and businesses face in 2016.
Nearly half (45 percent) of the IT security professionals who responded said loss of customer trust and confidence were the most damaging consequences of DDoS attacks for their businesses, while 34 percent said lost revenues were the worst effect.
DDoS attacks get the most attention when a firewall fails, service outage occurs, a website goes down or customers complain, but Larson warns that companies should be concerned about DDoS attacks even when the attacks are not large-scale volumetric attacks that saturate a company’s network and associated server infrastructure. Approximately one third (32 percent) of survey respondents indicated that DDoS attacks on their network occur weekly or even daily.
“That is a troubling, yet not surprising, statistic because DDoS attacks are incredibly inexpensive to create, and relatively easy to deploy,” said Dave Larson, COO at Corero Network Security. “Industry research, as well as our own detection technology, shows that cyber criminals are increasingly launching low-level, small DDoS attacks,” said Larson. The problem with such attacks is two-fold: small, short-duration DDoS attacks still negatively impact network performance, and—more importantly, such attacks often act as a smokescreen for more malicious attacks. “While the network security defenses are degraded, logging tools are overwhelmed and IT teams are distracted, the hackers may be exploiting other vulnerabilities and infecting the environment with various forms of malware.”
Larson noted that small DDoS attacks often escape the radar of traditional scrubbing solutions. Many organizations have no systems in place to monitor DDoS traffic, so they are not even aware that their networks are being attacked regularly.
The survey also asked participants about their current methods of handling the DDoS threat; nearly one third (30 percent) of respondents rely on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. “Those companies are very vulnerable to DDoS attacks because it’s well-documented that traditional security infrastructure products aren’t sufficient to mitigate DDoS attacks,” said Larson.
Interestingly, 30 percent of respondents currently rely on their upstream service providers to eliminate the attacks, yet an overwhelming majority (85 percent) of respondents indicated they believe upstream Internet Service Providers should offer additional security services to their subscribers to remove DDoS attack traffic completely. Furthermore, 51 percent responded that they would be willing to pay their Internet Service Provider(s) for a premium service that removes DDoS attack traffic before it is delivered to them, and 35 percent indicated they would allocate 5-10 percent of their current ISP spend to subscribe to this type of service.