While it would be obvious to say that DDoS attacks are “bad for business”, the threat is often underestimated, overlooked, or neglected. Surveys show less than 40% of companies take preventive measures against DDoS, which clearly means the risks these sort of attacks pose aren’t always clearly understood. At least until the attack takes place. In this post, we take a look at understanding these risks.
Because a DDoS attack is always a very narrowly-targeted event, the chances of getting hit with such an attack are a bit lower than to “catch” a Cryptolocker or some other – generic – Trojan. However, DDoS attacks have become the most common and affordable cyberweapon (launching it may cost around 50 dollars a day), – i.e. the easiest way to inflict targeted damage that may have long-lasting consequences.
The first – and probably primary – problem with DDoS attacks is that they can bog down all business processes in the company that may require use of the network. The amount of junk traffic, depending on the nature of the attack, overwhelms servers or bandwidth. Either way, the target’s web services or web sites become unreachable from the outside, which means normal workflow stops until the DDoS attack subsides or the junk traffic gets filtered off.
And that’s where most of the risks reside.
Some businesses are more sensitive to a disruption of their processes than the others, and for them, risks of getting hit with a DDoS attack are far greater. Still, with probably 99.999% of the world’s businesses depending on internet communication, everyone is at risk – more or less.
What companies fear? A recent survey by Kaspersky Lab and B2B International shows that the majority of companies are afraid of losing seemingly guaranteed revenue and contracts the most. 26% of companies see this as the primary risks.
Reputational risks rank next with 23%. This sort of risk is especially problematic for totally web-dependent businesses, whose services should be available 24/7. Even if the attack is quickly drummed off, recovery of the business itself may take quite awhile.
Losing current customers who could not access the anticipated service due to a DDoS attack came in third place: it was named by 19% of respondents. Technical issues were at the bottom of the pile: 17% of respondents identified a need to deploy backup systems that would keep operations online as the most undesirable consequence, while 14% were most concerned with the costs of fighting the attack and restoring services.
Depending on industry
The figures shown above suggest that companies – in general – are more troubled with the costs of setting up backups (which is, by the way, a normal security measure) than mitigating and recovery costs.
However, this depends on the field. For example, industrial and telecoms companies, as well as e-commerce, utilities, and energy organizations, tend to rate reputational risks ahead of lost business opportunities. In the construction and engineering sector there is more concern about the cost of setting up backup systems, perhaps because larger companies face higher expenditure on this kind of system.
Overall it looks as though businesses tend to underestimate the situation with DDoS attacks in general and risks they pose.
According to the results of another recent study conducted by Kaspersky Lab and B2B International, a DDoS attack on a company’s online resources might cause considerable losses – with average figures ranging from $52,000 to $444,000 depending on the size of the company. For many organizations these expenses have a serious impact on the balance sheet as well as harming the company’s reputation due to loss of access to online resources for partners and customers.
DDoS attacks on company resources are becoming a costly problem, but only 37% of the organizations surveyed said they currently have measures in place to protect against them. This is an unnecessary oversight at a time when the IT security market can offer reliable and easy-to-deploy security solutions that are able to prevent loss of access to online services caused by a DDoS attack.