A report that seeks to measure the impact of DDoS attacks (Distributed denial of service ) on affected companies reveals that the average hourly cost of such an attack is $40.000, with half of surveyed companies noting losses over $ 500,000 / € 402.000 during the event.
The study was conducted by Incapsula, μια εταιρεία παροχής λύσεων προστασίας από επιθέσεις DDoS, σε 270 εταιρίες στις USA and Canada, in different areas of it industry. The number of employees in each of them ranges from 250 to 10.000 individuals.
According to information from the investigators, 49% of recorded DDoS attacks lasted from 6 to 24 hours. These are the cases where the cost estimate is averaged over $ 40.000 for each hour of the attack. 15% of respondents declared a cost of more than $ 100.000 per hour. Cases were also reported that the attack lasted several days or more than a week.
According to Incapsula, in the first half of the year 350% growth was observed on a large scale DDoS incidents, which are increasingly stronger and longer lasting. These are intended to exhaust the available bandwidth of the network, resulting in service disruption. The losses associated with DDoS attacks are not strictly evaluated in terms of the event but include the overall impact for the company.
Costs are not limited to the IT team - they also have a big impact in areas such as security and risk management, customer service, and sales. In addition, most of the respondents who had been the target of such attacks (87%) were faced with other consequences, such as loss of customer confidence and loss of intellectual property, the report said. In more than half of the cases examined, the hardware and the software had to be replaced, which translates into additional costs.
Most companies do not take action against DDoS attacks
To get a company back to normal after a DDoS attack, in most cases, it can take months and sometimes even years. What is certain is the fact that these incidents have a long-term effect. Regarding incident management, it is worrying that many of the respondents did not have the necessary defense plans and solutions for DDoS attacks. Once 43% of respondents had taken appropriate action.