A one in five chance of being hit. Several hours of downtime. Up to US$417,000 to recover. This is the portrait of a typical DDoS attack, analyzed in detail during the latest Corporate IT Security Risks Survey conducted by Kaspersky Lab and B2B International. According to the research, 20% of businesses with 50 or more employees have suffered at least one DDoS attack, with enterprises being most affected (24%). Furthermore, over a quarter of attacks lead to the loss of sensitive data, an unexpected and damaging consequence of a DDoS attack.
The cost of recovery: a sensitive issue for SMBs
Results of our previous report show that DDoS attacks may lead to significant financial damage for small and medium businesses. DDoS is the fourth most expensive type of security breach faced by SMBs. On average a DDoS attack costs SMBs more than $50K in recovery bills, which is significantly more than the typical costs they face recovering from other types of attack. Enterprises spend a lot to recover from a third party failure or cyber espionage attack, but a typical financial loss from a DDoS is below average for enterprises ($417,000 compared to an average of $620,000 for enterprises to recover from other types of attack). Small business were most likely to lose data as result of a DDoS attack – 31% of SMBs reported data loss compared with 22% of enterprises.
This indicates that SMBs struggle to implement efficient measures to mitigate the threat of DDoS attacks, often due to limited resources. DDoS is an umbrella term for different attack technologies, and methods to avert them may be hard to understand and expensive to deploy. While analyzing attitudes towards DDoS attacks, we see that roughly a half of businesses think that additional investment on DDoS prevention technologies is worth the investment.
Damage variety: downtime, lost contracts, data loss
DDoS attacks last several hours and can cause complete disruption to a service. Some attacks are even more damaging: 9% of those causing a service to go dark last from two days to a week, and in 7% of cases such an attack lasted for several weeks or more. But the damage is not limited to downtime. According to respondents, 32% of serious DDoS attacks coincided with a network intrusion. Although it is hard to trace two different attacks to a single source, survey results provide evidence that DDoS attacks may lead to additional damage, including loss or theft of sensitive data.
“Businesses have to re-evaluate their perception of a DDoS attack. The report clearly shows that the damage scope from such attacks goes far beyond the temporary downtime of a corporate website. Companies report total disruption to their operations, and in some cases – loss of sensitive data. Still, many businesses feel that a mitigation strategy is too complex and expensive to implement. The solution to this is straightforward: vendors have to take technical challenges upon themselves, offering an easy to implement and use solution to clients. This is the approach that we have chosen for the Kaspersky DDoS Protection solution,” commented Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.