IT disaster recovery, cloud computing and information security news

Costs and impacts of DDoS attacks studied

DDoS attacks can cost enterprises up to $50,000 (£35,000) per attack – but lost revenue is still only considered to be the fourth most damaging consequence of this type of cyber attack, according to research published by Corero Network Security.

The Corero research surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors.  An overwhelming number of respondents (91 percent) said that individual DDoS attacks can cost their organizations up to $50,000 in terms of lost business, the cost of mitigating attacks and lost productivity. In addition, 69 percent indicated that their organization experiences between 20-50 DDoS attack attempts per month – equivalent to roughly one attack per day.

But despite this high figure, the vast majority of respondents (78 percent) cited the loss of customer trust and confidence as the single most damaging effect on business of DDoS attacks.  The second most ranked threat was the risk of intellectual property theft, followed by the threat of malware infection associated with a DDoS attack. Lost revenue was only considered to be the fourth most damaging consequence.

Ashley Stephenson, CEO at Corero Network Security, explains: “DDoS attacks can have an immediate and damaging impact on a company’s bottom line, both in terms of lost revenue and the costs incurred in terms of manpower required to mitigate attacks. Not all DDoS attacks will cost an organization $50,000, but having your website taken offline can damage customer trust and confidence. It will also impact the ability of sales teams to acquire new customers in increasingly competitive markets. These attacks cause lasting damage to a company’s reputation and could have negative consequences for customer loyalty, churn and corporate profits.”

The research also highlights the growing complexity of DDoS attacks, and their capacity to act as a distraction for more serious network incursions.  The great majority of those surveyed (85 percent) believe that DDoS attacks are used by attackers as a precursor or smokescreen for data breach activity. In addition, 71 percent reported that their organization has experienced a ransom-driven DDoS attack.

Participants also viewed DDoS attacks as more of a concern in 2018 than in the past.  The clear majority (83 percent) cited the proliferation of unsecured Internet of Things (IoT) devices as the top reason for this concern, closely followed by the association between DDoS and data breach activity. DDoS attacks are also becoming more complex to mitigate, with more than 15 employees typically involved in diffusing the threat when an attack strikes, according to two-thirds of respondents (66 percent).

The Corero research surveyed a total of 327 security professionals worldwide from a range of industries including financial services, cloud, government, online gaming and media sectors.  The research was conducted online between January and March 2018.

View an Infographic summary of the results (PDF).



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

   

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.