The Most Damaging Ramifications of DDoS Attacks

Uploaded on 2015-07-20 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

ddos.jpg

More than half of IT security professionals (52 percent) said loss of customer trust and confidence were the most damaging consequences of DDoS attacks for their businesses, according to a survey conducted at RSA Conference 2015 and Infosecurity Europe 2015 by Corero Network Security.

In addition, 22 percent of respondents indicated that DDoS attacks have directly impacted their bottom line – disrupting service availability and impeding revenue-generating activity.

corero-072015-1.jpg

 

One-fifth of respondents cited a virus or malware infection as the most damaging consequence of a DDoS attack, and 11 percent indicated that data theft or intellectual property loss as a result of a DDoS event is of highest concern.

“DDoS attacks are often used as a distraction technique for ulterior motives. They’re not always intended for denying service, but rather as a means of obfuscation, intended to degrade security defenses, overwhelm logging tools and distract IT teams while various forms of malware sneak by,” according to Dave Larson, CTO at Corero Network Security.

Nearly half of those surveyed admitted to responding reactively to DDoS attacks. When asked how they knew that they suffered a DDoS attack, 21 percent cited customer complaints of a service issue as the indicator of an attack, while 14 percent said the indicator was infrastructure outages (e.g. when their firewalls went down), and another 14 percent said application failures, such as websites outages, alerted them to the DDoS event.

In contrast, less than half of respondents (46 percent) were able to spot the problem in advance by noticing high bandwidth spikes, an early sign of an imminent attack, by using other network security tools.

Approximately 50 percent of respondents rely on traditional IT infrastructure, such as firewalls or Intrusion Prevention Systems to protect against DDoS attacks, or they depend on their upstream provider to deal with the attacks. Only 23 percent of those surveyed have dedicated DDoS protection via an on-premise appliance-based technology or from an anti-DDoS cloud service provider.

However, it appears that many organizations are more in tune with the ramifications of DDoS attacks, as 32 percent indicate that they have plans to adopt a dedicated DDoS defense solution to better protect their business in the future.

"It looks like this survey is trying to sell the merits of on-premise strategy equipment, said Jag Bains, CTO at DOSarrest. "What it fails to elaborate on, is the challenge of enterprise or hosting networks that do not have large amounts of capacity to be even be able to deliver traffic to the various on premise solution out there, which is a very costly endeavor in terms of capex and opex should they decide to upgrade their capacity," concludes Bains.

Avi Freedman, CEO at Kentik, agrees with Bains: "In many cases, organizations are finding on-premise DDoS appliances to be overly expensive to select, evaluate, and run, and they can't effectively alone protect against the largest attacks. Further, cloud-based or peering-based mitigation techniques are working well in the field for hundreds of customers, so long as there are reliable mechanisms to invoke them in a timely manner. Some of the highest traffic web properties in the world use cloud DDoS mitigation providers with no specialized on-prem hardware deployed or necessary."
Net-Security: http://bit.ly/1TC94WJ

« Airlines on Defence Amid Cyber Warfare: IATA
Repelling the cyber-attackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Swivel Secure

Swivel Secure

Swivel Secure is an award winning provider of multi-factor authentication solutions.

Zerto

Zerto

Zerto provides enterprise-class disaster recovery and business continuity software specifically for virtualized data centers and cloud environments.

IPCopper

IPCopper

IPCopper specializes in network packet capture appliances for cybersecurity, cybersurveillance and network monitoring, and encrypted data storage.

Neowave

Neowave

Neowave designs, manufactures and markets strong authentication solutions based on smart card components and digital certificates.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

Cyversity

Cyversity

Cyversity's mission (formerly ICMCP) is the consistent representation of women and underrepresented minorities in the cybersecurity industry.

Neurosoft

Neurosoft

Neursoft is a fully integrated ICT company with Software Development, System Integration and Information Technology Security capabilities.

Vesta

Vesta

Vesta Corporation is a global provider of a scalable suite of fraud and payment solutions for online commerce.

TAC Security (TAC Infosec)

TAC Security (TAC Infosec)

TAC Security (aka TAC Infosec) is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

IPification

IPification

IPification is a highly secure, credential-less, network-based authentication solution for frictionless user experience on mobile and IoT devices.

ThreatModeler

ThreatModeler

ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s Software Development Lifecycle by identifying, predicting and defining threats.

Corsica Technologies

Corsica Technologies

Corsica Technologies is recognized as one of the top managed IT and cybersecurity service providers. Our integrated IT and cybersecurity services protect companies and enable them to succeed.

Sec-Ops

Sec-Ops

Sec-Ops is a forward thinking cyber security company, formed by a group of security enthusiasts with years of experience and backgrounds in the technology and the government industries.

Vorlon

Vorlon

Vorlon's agentless patent-pending solution facilitates risk profiling of apps, and provides AI-driven behavioral analytics with response recommendations.

Academia the Technology Group

Academia the Technology Group

Academia specialise in the supply of software, IT hardware, training and service solutions to the public sectors, business and pro media markets.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.