82% of companies hit by DDoS will be attacked again
Thu 5 May 2016
A new report shows that of companies surveyed, 82% of those that had one distributed denial of service (DDoS) attack would suffer another, and that 45% were hit six or more times. The report also showed that 80% of companies that adopted IoT were attacked.
The survey, which reviewed 2015 data on DDoS attacks, found that 73% of global brands and organizations were attacked. More than half reported theft, either of customer data, financial data, or intellectual property. A similar survey showed that DDoS attacks are growing, with frequency 40% higher in the fourth quarter of 2015 over third quarter results.
The attacks were fairly evenly distributed worldwide, with 72% of North American companies reporting at least one DDoS attack, compared to 73% in the Europe, Middle East and Africa region and 77% in Asia Pacific.
Findings indicate that 50% of organizations would lose $100,000 or more per hour if subjected to a DDoS related outage during peak traffic times. 11% of those estimate a greater than $1 million loss per hour. It took 3 or more hours to detect and respond to a DDoS attack in 41% of the cases worldwide, and over half of the time (56%) the company learned of the breach from a third party. In the Asia Pacific region, a third party notified the organization of the attack 76% of the time.
In the aftermath of a DDoS attack, 45% of companies found virus or malware was installed or activated on their systems; 23% lost customer data, 17% lost intellectual property, and 16% financial data. Overall, 73% of companies targeted by a DDoS attack reported a loss of customer trust and damage to the brand as a result of the attack.
The Internet of Things poses a serious problem in protecting against DDoS attacks. 63% of companies currently use or deploy IoT devices on some level. That number is expected to rise to 81% by 2017. Eight out of ten companies that reported using IoT reported a DDoS attack, with 43% of them suffering theft as a result. 32% reported network compromise, physical or equipment damage. In response to the vulnerability of IoT devices to DDoS attacks, companies are taking steps ranging from using third-party security providers (30%), using existing infrastructure to shore up defenses in IoT (37%), and looking to manufacturers to provide secure devices (28%).