A report that seeks to measure the impact of DDoS Distributed Denial-of-Service attacks on affected companies reveals that the average hourly cost of such an attack is $ 40.000, with half of the companies surveyed reporting losses over $ 500,000 / € 402.000 as of duration of the event.
The study was conducted by Incapsula, a DDoS attack protection solution company, 270 companies in the US and Canada, in different areas of industry. The number of employees in each of them ranges from 250 to 10.000 individuals.
According to information from the investigators, 49% of recorded DDoS attacks lasted from 6 to 24 hours. These are the cases where the cost estimate is averaged over $ 40.000 for each hour of the attack. 15% of respondents declared a cost of more than $ 100.000 per hour. Cases were also reported that the attack lasted several days or more than a week.
According to Incapsula, in the first half of the year 350% growth was observed on a large scale DDoS incidents, which are increasingly stronger and longer lasting. These are intended to exhaust the available bandwidth of the network, resulting in service disruption. The losses associated with DDoS attacks are not strictly evaluated in terms of the event but include the overall impact for the company.
Spending is not limited to the IT team – it also has a big impact on areas such as better safety and risk management, customer service, and sales. In addition, most of the respondents who had been targeted by such attacks (87%) also faced other consequences, such as loss of customer confidence and loss of intellectual property, the report said. In more than half of the cases examined, the hardware and the software had to be replaced, which translates into additional costs.
Most Companies they do not take measures against DDoS attacks
To get a company back to normal after a DDoS attack, in most cases, it can take months and sometimes even years. What is certain is the fact that these incidents have a long-term effect. Regarding incident management, it is worrying that many of the respondents did not have the necessary defense plans and solutions for DDoS attacks. Once 43% of respondents had taken appropriate action.
