Loss of customer trust biggest downside to DDoS attack, research claims
Loss of customer trust and confidence were the key downsides to suffering a distributed denial of service (DDoS) attack, according to a new piece of research.
The study, conducted by Corero Network Security, found more than half (52%) of IT security professionals polled say their customers showed a lack of trust following an outage, while more than one in five (22%) said DDoS attacks directly impacted their bottom line.
Nearly half admitted they responded reactively rather than proactively to DDoS attacks. Responses varied as to how companies knew they had been pinged. One in five (21%) said they knew after customers complained regarding a service issue, 14% blamed infrastructure outages, such as a firewall going down, and another 14% cited application failures and website outages.
This is arguably the most worrying aspect of the research; only 46% of those polled said they could spot an attack in advance because of high bandwidth spikes. As Dave Larson, CTO and VP product at Corero, argues, if you’re already on the back foot when an attack begins, given 96% of DDoS attacks last 30 minutes or less once you’ve sent in the cavalry it’s usually too late.
The good news is that one third (32%) of those polled said they plan to adopt a dedicated DDoS defence solution. Less than a quarter (23%) currently has the system in place, with approximately half of respondents utilising traditional IT infrastructure, such as firewalls. The consequences can be potentially horrific; one in five say their biggest worry with DDoS is malware, while 11% claim data theft or intellectual property loss is the highest concern.
Back in January, Arbor Networks concluded that DDoS attacks are growing in size, complexity and frequency. In 2004, the largest DDoS attack was 8Gbps – as of 2014, it has reached 400Gbps, with other reported events at 300, 200 and 170Gbps in 2014.
- » Biometrics, the CIO’s challenge and how AI could finally improve mobile security
- » How EMM can help with General Data Protection Regulation compliance
- » Google shares its tiered approach to enterprise mobile security in new paper
- » The enterprise manager’s checklist: Getting to grips with DDoS attacks and the botnet army
- » US mobile app users facing increased security risks, new report argues