Hit By DDoS? You Will Be Hit Again…

More than 80% of DDoS victims are attacked a second time.

More than half of all DDoS strikes have resulted in some kind of customer data loss, intellectual property theft or disappearance of money, according to a new report from Neustara marketing, IT and security services, data services and domain registry company.

It’ll happen again, too. The IT firm also discovered that the vast majority of organizations (82 percent) are attacked again after the first DDoS onslaught.

“DDoS attacks continue to pose a legitimate threat as a dangerous weapon used to create chaos and hold organizations hostage,” Neustar says in the report. Not many are “spared,” the security outfit says, and almost half of those blitzed once were thrashed six or more times.

Company responses to DDoS attacks

DDoS attacks are “an institutionalized weapon of cyber warfare,” says Rodney Joffe, head of IT security research at Neustar, in a press release. “The reverberations are felt like a domino effect throughout all departments.”

The consequences appear to be an overall increase in investment in DDoS protection, though. “Participating in security consortiums to share information on threats and counter measures” is also becoming popular, the release says.

About three quarters (76 percent) of the battered companies increased spend on protection in 2015. Half (47 percent) joined in with others to share information.

Sharing information is critical

Interestingly, another recent report complains of private-sector cybersecurity folks not sharing enough. Fedscoop writes about McAfee’s March 2016 study of 500 business professionals who said they “were aware of cyber-threat sharing initiatives” but weren’t convinced they wanted to reciprocate—even though they would be happy to receive such information.

“Ninety-one percent said they would be interested in receiving information relevant to their industry. Only 63 percent said they would be likely to reciprocate by sharing their own intelligence,” Fedscoop says of the McAfee study.

Sharing is important to get a picture of who the attackers are, what they are assailing and how they’re doing it. A “lack of understanding” and corporate policy issues are “barriers to sharing,” Fedscoop explains.

The increase in DDoS protection spending uncovered by Neustar wasn’t across the board.

Thirty-seven percent of the companies surveyed say they’re investing more than a year ago, and that it’s “in proportion to the threat of DDoS attacks.” Another 39 percent say they are investing but think they should invest even more.

Sixteen percent aren’t investing more, though. A further 5 percent not only aren’t investing more, but they say DDoS isn’t a high priority. Only 3 percent have no specific anti-DDoS budget.

Neustar surveyed 1,005 executives across the tech, financial services and government sectors in late 2015. Seventy-nine percent of the organizations “report yearly revenues of more than $100 million, with $1 billion or more in annual revenue,” it says.

The loss numbers are big, too. Half of the organizations “would lose at least $100,000 per hour in a peak-time DDoS-related outage, [and] 33 percent would lose more than $250,000 per hour.”

And almost half (42 percent) “needed at least three hours to detect that they were under DDoS attack,” Neustar says.

Ein News

 

« Tracking Islamic State Impeded By Encryption
IS Forms Mega Hacking Group »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Advantech

Advantech

Advantech is a leader in providing trusted innovative embedded and automation products and solutions. Activities include IoT security.

Cyberbit

Cyberbit

Cyberbit empowers cybersecurity teams to be fully prepared with a product portfolio ready to detect and respond effectively across both IT and OT networks.

TEISS

TEISS

Teiss.co.uk is a website dedicated to providing information about cyber security. TEISS also provide a series of conferences and events focused on cyber security.

UM Labs

UM Labs

UM Labs is a developer of security products for Voice over IP (VoIP), protecting SIP trunk connections, safeguarding mobile phone communications and enabling BYOD.

Mitek Systems

Mitek Systems

Mitek's global mobile capture and identity verification technology optimizes the digital user experience for thousands of financial services organizations.

Digiserve

Digiserve

Digiserve by Telkom Indonesia is an end-to-end managed solutions provider committed to empowering enterprises in Indonesia.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

Information System Authority (RIA) - Estonia

Information System Authority (RIA) - Estonia

RIA ensures the interoperability of the state’s information system, organises activities related to information security, and handles security incidents in Estonian computer networks.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

FourNet

FourNet

FourNet is an award-winning provider of cloud and managed services; we work closely with our clients to enable digital transformation across their organisation.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

NETAND

NETAND

NETAND privileged access and identity management solutions will secure your business from cyber threats.

Telit Cinterion

Telit Cinterion

Telit Cinterion is a global enabler of the intelligent edge providing highly secure IoT solutions, modules and services.

ViroSafe

ViroSafe

ViroSafe is a leading value-added distributor of IT security solutions in Norway.