During 2015, 73% of organizations across the globe experienced a DDoS attack with 45% of organizations reporting the installation of a virus or malware, according to a study by Neustar. This is perhaps a sign that attackers are interested in causing ongoing harm, with 82% of those attacked stating they were then attacked repeatedly, for nearly half of respondents this was more than six times, a fact that should be a warning call for every organization with a digital presence. With the bombardment fairly constant throughout 2015, it is no longer a matter of if or when attacks might happen, but how often and how long the attack will last.
The Threatscape Widens: DDoS Aggression and the Evolution of IoT Risks Report highlighted that exactly half of organizations would lose at least $100,000 per hour in a peak-time DDoS related outage (a third would lose more than $250,000 per hour), and 42% needed at least three hours to detect that they were under DDoS attack.
Although revenue loss caused by a DDoS related outage is usually the main concern, 57% of all breaches involved some sort of theft including intellectual property and customer data as well as financial information.
The frequency and impact of these attacks give a good indication as to why business continuity professionals are worried about them, with cyber attacks and data breaches topping the list of threats organizations face in the latest Horizon Scan Report by the Business Continuity Institute. 85% and 80% respectively, expressed concern about the prospect of these threats materialising and disrupting the organization.
Faced with this ongoing onslaught, the report demonstrates that increasingly DDoS-defence savvy organizations are now arming themselves accordingly. 76% of companies are investing more in DDoS protection than in 2014, and 47% of the attacked organizations are participating in security consortiums to share information on threats and counter measures.
“The findings of our most recent report are clear: attacks are unrelenting around the world but organizations are now recognizing DDoS attacks for what they are - an institutionalized weapon of cyber warfare – and so are protecting themselves,” says Rodney Joffe, Head of IT Security Research at Neustar. “We present the data from our third DDoS survey as a means to inform the public of the dangers associated with DDoS attacks, and advance a conversation about the importance of multi-layered cybersecurity. This should be a discourse that reaches from security through to marketing, as when a DDoS attack hits, the reverberations are felt like a domino effect throughout all departments.”