New study finds that DDoS attacks cause an average of 17 hours of downtime per incident
- Published: Wednesday, 15 June 2016 09:23
A10 Networks has released a new report with IDG Connect. Entitled ‘DDoS: A Clear and Ever Present Danger,’ the report, which surveyed 120 IT decision makers at large organizations, finds that the average company suffers 15 DDoS attacks per year, with average attacks causing 17 hours of effective downtime , including slowdowns, denied customer access or crashes.
As DDoS attacks become more widespread, they are also growing harder to defend. While the average peak bandwidth of attacks was a staggering 30 to 40 gigabits per second (Gbps), 59 percent of organizations have experienced an attack over 40 Gbps. A majority of respondents (77 percent) also expect sophisticated multi-vector attacks, which are expected to pose the most dangerous type of DDoS attack in the future.
More than half of the surveyed organizations said they planned to increase their DDoS prevention budgets in the next six months. IT security teams are the most likely to lead DDoS prevention efforts (36 percent), followed closely by the chief security officers (26 percent) and the CIO (26 percent).
Key report findings include:
- The typical company was hit by an average of 15 DDoS attacks per year, with larger organizations experiencing more.
- One in five companies reported effective downtimes of over 36 hours, with the average attack resulting 17 hours.
- 33 percent of respondents reported DDoS attacks over 40 Gbps, with the most common attacks including UDP Flood (23 percent), Slow Post/Slowloris (16 percent) and SYN Flood (14 percent).
- 77 percent believe multi-vector attacks, which include volumetric and application layer attacks, will be the most dangerous in the future.
- Over half of the respondents plan to increase their DDoS budgets in the next six months (54 percent).
- 53 percent of respondents say that on-premise protection is required to be the most effective solution to address a multi-vector DDoS threat, either ‘hybrid’ protection (34 percent), or an on premise appliance only solution (19 percent).
Read the report (PDF).