According to a new report from UK-based cybersecurity firm, Corero Network Security, businesses are increasingly losing significant amounts of money when a DDoS attack strikes.
The report, which surveyed 327 security professionals worldwide, saw 91% of respondents saying that individual DDoS attacks on their companies on average cost them up to £35,000 (approx. $50,000) per attack in lost business and productivity, in addition to mitigation costs. Despite the significant number, however, lost revenue is only deemed to be the fourth most damaging consequence of a DDoS attack.
Most respondents said that loss of customer trust and confidence was the biggest threat to a business following a DDoS attack, placing the risk of intellectual data property theft second, and the threat of malware infection third, according to the survey from Corero. The security professionals surveyed cover a wide range of fields from financial services to cloud to government to online gaming.
69% of respondents said their organization is hit by between 20-50 DDoS attacks per month, which translates to approximately one per day. Corero found that DDoS attacks have doubled in frequency over the past six months. Most respondents put this down to a growth in IoT botnets as a result of unsecured IoT devices.
Ashley Stephenson, Corero’s CEO, said that DDoS attacks can have an “immediate and damaging” impact on a company’s bottom line in the short and longer term. “Not all DDoS attacks will cost an organisation £35,000, but having your website taken offline can damage customer trust and confidence. It will also impact the ability of sales teams to acquire new customers in increasingly competitive markets,” he said. Stephenson noted that damage to a company’s reputation can negatively impact customer loyalty, churn and corporate profits.
The report also noted the growth in complexity of DDoS attacks, and the way in which they frequently work as a smokescreen for more serious network infractions. 85% of those surveyed, in fact, think that DDoS attacks are used in this way. A surprisingly large number, 71%, said that their organization had experienced a ransom-driven DDoS attack. Corero said that RDoS attacks were on the rise.
“Hackers will gladly take advantage of distracted IT teams and degraded network security defences to exploit other vulnerabilities for financial gain. Considering the huge liability that organisations can face in the event of a data breach, IT teams must be proactive in defending against the DDoS threat, and monitor closely for malicious activity on their networks,” he said.