IT disaster recovery, cloud computing and information security news

New study finds that DDoS attacks cause an average of 17 hours of downtime per incident

A10 Networks has released a new report with IDG Connect. Entitled ‘DDoS: A Clear and Ever Present Danger,’ the report, which surveyed 120 IT decision makers at large organizations, finds that the average company suffers 15 DDoS attacks per year, with average attacks causing 17 hours of effective downtime , including slowdowns, denied customer access or crashes.

As DDoS attacks become more widespread, they are also growing harder to defend. While the average peak bandwidth of attacks was a staggering 30 to 40 gigabits per second (Gbps), 59 percent of organizations have experienced an attack over 40 Gbps. A majority of respondents (77 percent) also expect sophisticated multi-vector attacks, which are expected to pose the most dangerous type of DDoS attack in the future.

More than half of the surveyed organizations said they planned to increase their DDoS prevention budgets in the next six months. IT security teams are the most likely to lead DDoS prevention efforts (36 percent), followed closely by the chief security officers (26 percent) and the CIO (26 percent).

Key report findings include:

  • The typical company was hit by an average of 15 DDoS attacks per year, with larger organizations experiencing more.
  • One in five companies reported effective downtimes of over 36 hours, with the average attack resulting 17 hours.
  • 33 percent of respondents reported DDoS attacks over 40 Gbps, with the most common attacks including UDP Flood (23 percent), Slow Post/Slowloris (16 percent) and SYN Flood (14 percent).
  • 77 percent believe multi-vector attacks, which include volumetric and application layer attacks, will be the most dangerous in the future.
  • Over half of the respondents plan to increase their DDoS budgets in the next six months (54 percent).
  • 53 percent of respondents say that on-premise protection is required to be the most effective solution to address a multi-vector DDoS threat, either ‘hybrid’ protection (34 percent), or an on premise appliance only solution (19 percent).

Read the report (PDF).

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.