A report that seeks to measure the impact of DDoS (Distributed Denial-of-Service) attacks on the affected companies reveals that the average cost per hour of such attacks is $40.000, with half of the companies surveyed noting losses over $ 500,000 / € 402.000 during the event.
Η μελέτη διεξήχθη από την Incapsula, μια εταιρεία παροχής λύσεων προστασίας από επιθέσεις DDoS, σε 270 εταιρίες στις USA and Canada, in different areas of it industry. The number of employees in each of them ranges from 250 to 10.000 individuals.
According to the information from the agencies that participated in research, 49% of recorded DDoS attacks lasted between 6 and 24 hours. These are the cases where the cost estimate averages $40.000 for each hour of the attack. 15% of respondents reported costs over $100.000 per hour. Cases were also reported where the attack lasted several days or even more than a week.
According to Incapsula, in the first half of the year 350% growth was observed on a large scale DDoS incidents, which are increasingly stronger and longer lasting. These are meant to exhaust the available network bandwidth, resulting in service interruption. Losses related to DDoS attacks are not evaluated strictly in terms of the event but include the overall impact on the company.
Costs are not limited to the IT team - they also have a big impact in areas such as security and risk management, customer service, and sales. In addition, most of the respondents who had been the target of such attacks (87%) were faced with other consequences, such as loss of customer confidence and the loss of intellectual property, the report says. In more than half of the cases examined, the hardware and the software they had to be replaced, which translates into extra costs.
Most companies do not take action against DDoS attacks
To get a company back to normal after a DDoS attack, in most cases, it can take months and sometimes even years. What is certain is the fact that these incidents have a long-term effect. Regarding incident management, it is worrying that many of the respondents did not have the necessary defense plans and solutions for DDoS attacks. Once 43% of respondents had taken appropriate action.