Over a quarter of businesses that have been hit by a distributed denial of service (DDoS) attack don’t think they were the intended target, highlighting that businesses can’t afford to be complacent when it comes to today’s threat landscape. According to research from Kaspersky Lab, 27 percent of respondents said being an innocent bystander was the most likely reason for DDoS attacks on their organization, suggesting that all businesses are in the firing line, even when they are not on the hit list.
The continued threat of DDoS attacks and the value that they bring to those that deploy them – from halting company operations, through to accessing confidential information or demanding a ransom – means that all businesses are potential targets. Despite this, organizations are still showing signs of cyber-complacency, with 28 percent not using specialised anti-DDoS protection because they believe they are unlikely to be targeted by DDoS attacks.
However, this complacency is misplaced. Of the companies that experienced a security incident within the last 12 months, 44 percent blamed a DDoS attack as being a contributing factor to that incident – up from a quarter (25 percent) in 2016. This shows the impact of these types of attacks in today’s workplace and the need for organizations to proactively defend themselves against them.
It’s not just unintended attacks that firms must be ready to ward off at a moment’s notice. Nearly a quarter (23 percent) of businesses believe a competitor was behind a DDoS attack on their organization – most likely for espionage or disruption purposes; 24 percent believed it was used as a distraction tactic to hide another attack from IT staff, and 24 percent believe that a DDoS attack was designed to specifically disrupt their operations.
“Businesses can’t afford to display an ‘it won’t happen to me mentality’ towards DDoS attacks, but a worryingly large proportion of organizations are still doing so – despite today’s heightened threat landscape,” commented David Emm, Principal Security Researcher at Kaspersky Lab. “Given the number of attacks that companies have faced over the last year, businesses must take responsibility for their cybersecurity – no organization is safe from DDoS attacks. There is no room for complacency when it comes to keeping operations running smoothly and critical data protected.”