According to figures released by Kaspersky Lab in late February, about 16% of companies worldwide suffered a Distributed Denial of Service (DDoS) attack, rising to a quarter of enterprises.
While for most, these attacks focused on external activities, some companies discovered that DDoS attacks targeted their internal systems. A quarter said their file servers had been affected and 15% said their operational systems had been hit. Another 15% said a DDoS attack impacted overall ISP network connectivity.
The aim of DDoS actors is mostly the same: to hinder business processes, to interrupt continuity. The reasons behind it may vary, but it is very common that attackers just try to extort money from the targeted business that way.
#DDoS attacks target businesses’ internal systems as well as websitesTweet
Unsurprisingly, in terms of business sector, manufacturing was particularly susceptible to the DDoS attacks targeting internal systems. A quarter of victims said their operational systems had been affected and over a third noticed an impact on file servers; while up to one-in-five telecoms, transportation, IT and government organizations noticed that their network connectivity had suffered.
As previously reported, on average, enterprises lose $417,000 as a result of a denial of service attack and SMBs lose $53,000. For large companies, DDoS is the 9th most expensive type of breach, but for SMBs it’s the fourth most expensive, and the amount of loss is comparable to such incidents as network intrusion ($56K) and cyber espionage ($69K – the largest average recovery budget for SMBs).
These figures represent an “isolated” damage from DDoS attacks alone; there are, however, occasions where DDoS attacks are used as a mere decoy for much more damaging attacks, a smokescreen for intrusion and data or funds exfiltration. Such cases are especially problematic: the criminal activities may stay unnoticed while the attacked company’s IT staff is busy trying to filter out the avalanche of junk data and doesn’t see thieves in the unlit corner.
Take a look at Kaspersky Lab’s Q4 report on DDoS attacks: it highlights certain trends observed in late 2015, as well as showing the big picture of the situation with DDoS attacks.
As for practical response, Kaspersky Lab offers a solution Kaspersky DDoS Protection which combines Kaspersky Lab’s extensive experience in combating cyber-threats with the company’s in-house software development expertise. The solution protects against all types of DDoS attacks, regardless of their complexity, power, duration and immediate target be it a website or some internal system. Kaspersky Lab’s solution protects any online service that could come under attack, including business applications, services, databases and more. Further information about the solution is available here.