North American organizations are well aware of the threat posed by distributed denial-of-service (DDoS) attacks and over half of them are investing more in protection compared to last year, according to a report published this week by real-time information services and analytics provider Neustar.
The 2015 North America DDoS Attacks & Impact Report, which is based on information provided by more than 500 executives and senior professionals, shows that 40 percent of organizations see DDoS attacks as a growing threat. Nearly one third of respondents said they would lose over $100,000 in revenue per hour if hit during peak business hours.
Most of the companies that took part in the study still rely on traditional firewall solutions to fend off DDoS attacks, but hybrid protection, which involves both on-site hardware and cloud-based services, is also an increasingly popular choice. Neustart says a hybrid approach is used by 31 percent of all companies, and 94 percent of the firms that risk to lose more than $100,000 per hour.
Financial organizations, which are often a target for malicious actors, said their response time to DDoS attacks has decreased thanks to hybrid protection, with 72 percent of companies stating that they respond to attacks in less than 2 hours. Overall, 49 percent of respondents said they detect attacks and 54 percent said they respond to attacks in less than one hour.
“The increased hybrid adoption reflects the growing need for companies to have immediate, on premise DDoS defense capabilities, in addition to surge defense capabilities in response to larger attacks,” said Margee Abrams,director of security services at Neustar. “Companies continue to rely on layered traditional perimeter defenses including firewalls, routers and switches as well as DDoS mitigation services. But when revenues and brand reputation are at risk, deploying a hybrid solution offers the best of both worlds: immediate on premise protection with the capacity that only cloud providers can offer.”
As for the frequency of attacks, 15 percent of respondents said they were hit only once in 2014, but 9 percent of them were targeted so many times that they lost count. The longest attacks lasted for more than one day, 31 percent of companies reported.
The Neustar study shows that nearly 40% of North American organizations use more than 10 staffers to mitigate DDoS attacks. Experts have pointed out that this is beneficial for the attackers because there are fewer employees left to monitor other activities for which the DDoS might be just a smokescreen.
Organizations noted that DDoS-related data breaches have resulted in damage to the brand, malware and virus installation, customer data theft, financial theft, and loss of intellectual property. The areas most impacted by DDoS attacks are customer support, customer trust, and online marketing, the report shows.
The complete Neustar 2015 North America DDoS Attacks & Impact Report is available online.
