A Kaspersky Lab survey report has quantified the average cost of DDoS attacks on organizations. The figures are contained in the ‘Global IT Security Risks Survey 2014 – distributed denial of service (DDoS) attacks’ report.
The survey found that:
“DDoS attacks cost small-to-medium-sized businesses (SMBs) an average of $52,000 per incident. For larger enterprises, the cost of a DDoS attack is an average of $444,000 in lost business and increased IT spending.”
“The most commonly-reported consequences of a DDoS attack include ‘hiring IT security consultants’ (65 percent); ‘temporary loss of access to business-critical information’ (61 percent), and ‘reactive spending on software or infrastructure’(49 percent). Another long-term cost of a DDoS attack is damage to a company’s reputation. 38 percent of businesses believe that a DDoS attack damaged their company’s reputation. 29 percent reported that a DDoS attack damaged their credit rating, and 26 percent reported an increase in their insurance premiums.”
“During a DDoS attack, ‘Significant increases in page-load times’ (52 percent) was the most commonly reported effect of a DDoS attack, with ‘slight increase in page load times’ reported by 33 percent of victims. More severe outcomes of DDoS attacks included transaction failures in 29 percent of cases, and complete disruption/complete unavailability of service in 13 percent of cases.”
Read the report (PDF).