Let's see what happens with the "underrated" DDoS attacks. Today, the probability that the businesses θύμα κυβερνοεπίθεσης είναι μια στις πέντε. Ταυτόχρονα, μια επίθεση συνοδεύεται από αρκετές ώρες αναστολής λειτουργιών, ενώ το κόστος αποκατάστασης των ζημιών ανέρχεται έως και στα $417.000.
This is the summary of the consequences of a typical DDoS attack, which was analyzed in detail in the recent "Corporate IT Security Risks" survey conducted by Kaspersky Lab and B2B International, 2015.
According to the survey, 20% of businesses with 50 or more employees have experienced at least one DDoS attack, with larger businesses most affected (24%). In addition, more than a quarter of DDoS attacks lead to sensitive loss data, an unexpected and damaging consequence for businesses.
The results of previous Kaspersky Lab reports show that DDoS attacks can lead to significant financial loss for small and medium-sized businesses. DDoS attacks are the fourth most expensive type of security breach facing small and medium businesses.
On average, restoring a DDoS attack costs more than $ 50.000 in a small and medium-sized business, much more than the usual costs associated with restoring other types of attacks. Businesses spend a lot to recover from a third-party failure or a digital espionage attack, but the typical financial damage of a DDoS attack is below average for large businesses ($ 417.000 compared to the average of $ 620.000 required for the recovery from other types of attacks).
Small businesses were more likely to lose data as a result of a DDoS attack. In particular, 31% of small and medium-sized enterprises reported data loss compared to 22% of large enterprises.
This shows that small and medium enterprises are struggling to implement effective measures to mitigate the threat of DDoS attacks, often due to limited resources.
The term "DDoS" is used for various attack technologies, and methods to prevent such attacks can be difficult to understand and expensive to implement. In analyzing attitudes to DDoS attacks, it is noted that about half of the companies believe that the additional investment in DDoS attacks prevention technologies is worthwhile.
Variety of damage: vacation operation, missed deals, data loss
DDoS attacks last for several hours and can cause a service to be stopped altogether. Some attacks may be even more damaging. The 9% of attacks that trigger a service shutdown last between two days and a week, while in 7% of cases the duration reached several weeks or more. However, damage is not limited to shutdown.
According to those surveyed, the 32% of the serious DDoS attacks coincided with attacks on the network. Although it is difficult to identify two different attacks on a single source, the results of the research show that DDoS attacks can lead to additional damage, including the loss or theft of sensitive data.
«Οι επιχειρήσεις πρέπει να αξιολογήσουν εκ νέου τις γνώσεις και τις αντιλήψεις τους σχετικά με τις επιθέσεις DDοS. Η έκθεση δείχνει σαφώς ότι η εμβέλεια της ζημιάς από τέτοιες επιθέσεις δεν περιορίζεται μόνο στην προσωρινή διακοπή λειτουργίας μιας εταιρικής ιστοσελίδας. Οι εταιρείες αναφέρουν συνολική διακοπή των λειτουργιών τους και – σε ορισμένες περιπτώσεις – την απώλεια ευαίσθητων δεδομένων. Ωστόσο, πολλές επιχειρήσεις αισθάνονται ότι η στρατηγική άμβλυνσης είναι υπερβολικά πολύπλοκη και δαπανηρή. Η λύση σε αυτό το πρόβλημα είναι απλή: οι suppliers πρέπει να αναλάβουν οι ίδιοι τις τεχνολογικές προκλήσεις, προσφέροντας μια εύκολη στην εφαρμογή και τη χρήση λύση για τους πελάτες τους. Αυτή είναι η προσέγγιση που έχουμε επιλέξει για τη λύση Kaspersky DDοS Protection»
commented Evgeny Vigovsky, Kaspersky Lab Kaspersky Lab's Kaspersky Lab Protection Team Leader.
The full version of the investigation into the implications and perceptions of DDoS attacks is available on the Kaspersky Lab website (PDF)