14 DAY TRIAL // Real-time information and analytics provider Neustar has released a new report on distributed denial-of-service (DDOS) attacks and their impact on businesses.
The figures in the 2014 “DDOS Attacks and Impacts Report” show that more than 90% of respondents view DDOS attacks as a similar or bigger threat compared to the previous year.
Experts say that DDOS attacks are increasingly used by cybercriminals as a smokescreen. This means that they’re using DDOS attacks to keep the targeted company’s IT staff distracted while they plant malware that’s designed to steal data.
Close to half of the organizations that reported suffering a DDOS attack or a breach last year also had malware installed or activated on their systems. Furthermore, 55% of those targeted with DDOS attacks had funds, customer data or intellectual property stolen.
An analogy has been presented by Rodney Joffe, senior vice president and senior technologist at Neustar.
“When there’s a tremendous storm, you run around your house making sure all the windows are closed and you’ve got the flashlights ready. You’re not worried about anything else. DDoS attacks are similar. They create an all-hands-on-deck mentality, which is understandable but sometimes dangerous,” Joffe explained.
The study also shows that 90% of the targeted companies were attacked repeatedly. As far as the number of attacks is concerned, large attacks have almost tripled. More precisely, the number of cyberattacks between 1 and 5 Gbps in size has increased by 150%.
In 2013, the number of attacks that required over 10 people to mitigate doubled compared to the previous year.
When it comes to costs, 40% of attacked organizations estimated suffering losses of over $1 million (€730,000) per day. Over half of the costs of DDOS attacks were absorbed by non-IT departments, particularly customer support.
While most companies have some sort of DDOS protection system in place, most of them still rely on traditional solutions, including switches and firewalls.
“DDoS attacks create an ‘all hands on deck’ mentality, and the potential for damage is high as criminals take advantage of the distraction to grab and clone private data to tap into funds, intellectual property and more,” said Joffe.
“Businesses should look out for shorter, more intense attacks without the traditionally expected extortion or policy demands. It is critical that they protect themselves by dedicating staff to watch entry systems during attacks, making sure everything is patched and having dedicated DDoS protection.”
Read the complete Neustar 2014 “DDOS Attacks and Impacts Report.” The study is based on responses from 450 companies in North America, representing various industries.