Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Individual DDoS Attacks Can Cost Enterprises US$ 50,000 (£35,000)

DDoS attacks can cost enterprises $50,000 (£35,000) per attack – but lost revenue is still only considered to be the fourth most damaging consequence of this type of cyber-attack, according to research published today by Corero Network Security (LSE: CNS), a leading provider of real-time DDoS defense solutions.

The Corero research surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors.  An overwhelming number of respondents (91%) said that individual DDoS attacks can cost their organisations up to $50,000 in terms of lost business, the cost of mitigating attacks and lost productivity. In addition, 69% indicated that their organisation experiences between 20-50 DDoS attack attempts per month – equivalent to roughly one attack per day.

But despite this high figure, the vast majority of respondents (78%) cited the loss of customer trust and confidence as the single most damaging effect on business of DDoS attacks.  The second most ranked threat was the risk of intellectual property theft, followed by the threat of malware infection associated with a DDoS attack. Lost revenue was only considered to be the fourth most damaging consequence.

Ashley Stephenson, CEO at Corero Network Security, explains: “DDoS attacks can have an immediate and damaging impact on a company’s bottom line, both in terms of lost revenue and the costs incurred in terms of manpower required to mitigate attacks. Not all DDoS attacks will cost an organisation $50,000, but having your website taken offline can damage customer trust and confidence. It will also impact the ability of sales teams to acquire new customers in increasingly competitive markets. These attacks cause lasting damage to a company’s reputation and could have negative consequences for customer loyalty, churn and corporate profits.”

The research also highlights the growing complexity of DDoS attacks, and their capacity to act as a distraction for more serious network incursions.  The great majority of those surveyed (85%) believe that DDoS attacks are used by attackers as a precursor or smokescreen for data breach activity. In addition, 71% reported that their organisation has experienced a ransom-driven DDoS attack.

Ashley Stephenson continues: “A DDoS attack can often be a sign that an organisation’s data is also being targeted by cyber criminals. As demonstrated by the infamous Carphone Warehouse attack, DDoS attacks can be used as a smokescreen for non-DDoS hacking attempts on the network. Hackers will gladly take advantage of distracted IT teams and degraded network security defences to exploit other vulnerabilities for financial gain.  Considering the huge liability that organisations can face in the event of a data breach, IT teams must be proactive in defending against the DDoS threat, and monitor closely for malicious activity on their networks.”

Participants also viewed DDoS attacks as more of a concern in 2018 than in the past.  The clear majority (83%) cited the proliferation of unsecured Internet of Things (IoT) devices as the top reason for this concern, closely followed by the association between DDoS and data breach activity. DDoS attacks are also becoming more complex to mitigate, with more than 15 employees typically involved in diffusing the threat when an attack strikes, according to two-thirds of respondents (66%).

Ashley Stephenson continues: “In recent months we’ve witnessed new records set for the size of DDoS attacks, as criminals exploited the Memcached amplification attack vector to headline grabbing effect. This has written a new chapter in the DDoS record books and made Terabit-scale attacks a reality. The Memcached vulnerability also exposed additional breach and data corruption risks, as attackers can also exploit these poorly secured servers to steal or temporarily modify customer data.”