What is the worst effect of DDoS attacks to businesses? Lost revenues, according to 34% of IT security professionals participating in Corero Network Security’s second annual DDoS Impact Survey.
The industry study polled technology decision makers, network operators and security experts attending the recent 2016 RSA Conference about key DDoS issues and trends that Internet service
providers and businesses face in 2016.
“Network or website service availability is crucial to ensure customer trust and satisfaction, and vital to acquire new customers in a highly competitive market,” said Dave Larson, COO at Corero Network Security. “When an end user is denied access to Internet-facing applications or if latency issues obstruct the user experience, it immediately impacts the bottom line.”
Loss of customer trust, lost revenues
Nearly half (45 percent) of the IT security professionals who responded said loss of customer trust and confidence were the most damaging consequences of DDoS attacks for their businesses, while 34% said lost revenues were the worst effect.
DDoS attacks get the most attention when a firewall fails, service outage occurs, a website goes down or customers complain, but Larson warns that companies should be concerned about DDoS attacks even when the attacks are not large-scale, volumetric attacks that saturate a company’s network and associated server infrastructure.
Approximately one third (32%) of survey respondents indicated that DDoS attacks on their network occur weekly or even daily.
“That is a troubling, yet not surprising, statistic because DDoS attacks are incredibly inexpensive to create, and relatively easy to deploy,” said Larson.
“Industry research, as well as our own detection technology, shows that cyber criminals are increasingly launching low-level, small DDoS attacks,” said Larson. "The problem with such attacks is two-fold: small, short-duration DDoS attacks still negatively impact network performance, and—more importantly, such attacks often act as a smokescreen for more malicious attacks."
Larson notes that while the network security defenses are degraded, logging tools are overwhelmed and IT teams are distracted, the hackers may be exploiting other vulnerabilities and infecting the environment with various forms of malware.
Larson adds that small DDoS attacks often escape the radar of traditional scrubbing solutions.
Many organizations have no systems in place to monitor DDoS traffic, so they are not even aware that their networks are being attacked regularly.
Methods of handling DDoS threat
The survey also asked participants about their current methods of handling the DDoS threat; nearly one third (30%) of respondents rely on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks.
“Those companies are very vulnerable to DDoS attacks because it’s well-documented that traditional security infrastructure products aren’t sufficient to mitigate DDoS attacks,” said Larson.
Interestingly, 30% of respondents currently rely on their upstream service providers to eliminate the attacks, yet an overwhelming majority (85%) of respondents indicated they believe upstream Internet Service Providers should offer additional security services to their subscribers to remove DDoS attack traffic completely.
Furthermore, 51% responded that they would be willing to pay their Internet Service Provider for a premium service that removes DDoS attack traffic before it is delivered to them, and 35% indicated they would allocate 5-10% of their current ISP spend to subscribe to this type of service.