DDoS attacks threat and mixed attitude – survey

While the total amount of companies reporting to experience DDOs attacks is more or less stable over recent years, in 2015 there was a slight increase in the number of businesses considering them the most damaging type of cyberincidents.

DDoS attacks are a noticeable, although not a dominating, type of external threat for businesses. While the total amount of companies reporting to experience such attacks is more or less stable over recent years, in 2015 there was a slight increase in the number of businesses considering them the most damaging type of cyberincidents (6%, up from 4% in 2014).

What is the overall damage from a DDoS attack?

That’s what the new special report by Kaspersky Lab is dedicated to.

The survey finds that…

Among 5,500 companies surveyed in 26 countries, 20% of businesses with 50+ employees reported to have experienced a DDoS attack, with telecoms, financial services, and the IT industry hit most often.

  • 50% of DDoS attacks lead to a noticeable disruption of services. 24% of attacks lead to services being completely unavailable.
  • 74% of attacks that lead to a noticeable disruption of service coincided with a different type of security incident, such as a malware attack, network intrusion or other type of attack. In other words, it’s rather a smokescreen for other hostile activities.
  • 26% of DDoS attacks lead to the loss of sensitive data.
  • The top three types of infrastructure targeted are: public websites, the limited access customer portal, and general communications infrastructure.
  • A DDoS attack is most likely to last for several hours. But 7% of businesses reported attacks that lasted a week, resulting in a severe impediment of services.
  • 12% of businesses are confident that a DDoS attack was initiated by their competition. Cases of successful proof-gathering here are, however, few and far between.

On average, enterprises lose $417,000 as a result of a denial of service attack and SMBs lose $53,000. Compared to the average losses connected with other types of security breaches, DDoS attacks damage small and medium companies more than enterprises, most likely due to the limited budget they have available for DDoS prevention services.

For large companies DDoS is the 9th most expensive type of a breach, but for SMBs it’s the fourth most expensive, and the amount of loss is comparable to such incidents as network intrusion ($56K) and cyber espionage ($69K – the largest average recovery budget for SMBs).

Damage summands

The survey shows that the most commonly affected service is a business’s public website, with almost half of surveyed businesses (47%) citing their website’s inability to function during a DDoS attack. At 38%, the customer portal or login area was the second most affected area, while issues with communications services (37%) were the third most affected service.


Direct results of DDoS attacks are an increase in page loading times, a partial failure of transactions that depended on an affected service or the complete unavailability of services. These problems vary by the level of repercussions and collateral damage. While an increase of page loading time is no big deal, complete unavailability is a business continuity disruption, which is always critical.

But these “direct results” are just a part of what businesses have to face under and after a successful DDoS attack. A survey conducted earlier this year showed that the majority of companies were afraid of losing seemingly guaranteed revenue and contracts the most – 26% of companies saw this as primary risks.

Reputational risks ranked next with 23%. This sort of risk is especially problematic for total web-dependent businesses, whose services should be available 24/7. Losing current customers who could not access the anticipated service due to a DDoS attack came in third place: It was named by 19% of respondents. Technical issues were at the bottom of the list: 17% of respondents identified a need to deploy backup systems that would keep operations online as the most undesirable consequence, while 14% were most concerned with the costs of fighting the attack and restoring services.

The new survey shows that 56% of IT professionals consider spending money to prevent or mitigate an attack in the future a worthy investment. Yet only 34% of respondents have fully implemented DDoS prevention systems of any type. At the same time, 12% list DDoS prevention as one of their top priorities for the next year.

Many businesses still feel that a mitigation strategy is too complex and expensive for them to implement – two thirds of surveyed businesses haven’t done it. A possible explanation is rather simple: while DDoS attacks are very easy to launch, they are considered very hard to protect against. They are not so “overwhelming” and omnipresent as spam and malware, so businesses often prefer to take risks, in hopes that they won’t be hit any time soon. This is not a “best practice” kind of an attitude. And it definitely doesn’t make anyone protected.

“The solution to this is straightforward: vendors have to take technical challenges upon themselves, offering an easy to implement and use solution to clients. This is the approach that we have chosen for the Kaspersky DDoS Protection solution,” says Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.

Kindly click this link to learn more about Kaspersky DDoS Protection system and the ways it works.

The full text of the report on the consequences and perception of DDoS attacks is available here.