Connect with us

Hi, what are you looking for?


Network Security

Many Companies Know the Identity of DDoS Attackers: Report

Distributed denial of service (DDoS) attacks are affecting an increasing number of companies worldwide, and almost half of those hit by such attacks claim they know the identity of attackers, a recent report from Kaspersky Lab reveals.

Distributed denial of service (DDoS) attacks are affecting an increasing number of companies worldwide, and almost half of those hit by such attacks claim they know the identity of attackers, a recent report from Kaspersky Lab reveals.

Conducted by Kaspersky Lab and B2B International, more than 5,500 companies in 26 countries around the world were surveyed, which revealed that 48 percent of targeted companies believe they can identify attackers and their motivation. Furthermore, the report found that 12 percent of respondents believe that their competitors are behind DDoS attacks.

Organizations in the business services industry are those to look at competitors when such attacks are staged against them, with 38 percent suggesting that rival companies have paid for DDoS attacks against them. Overall, however, criminals looking to disrupt a company’s operations make up 28 percent of the suspects.

Companies also suggested that 18 percent of DDoS attacks come from criminals seeking to disrupt or distract while another attack takes place, while 17 percent come from criminals seeking to disrupt their services for a ransom. Political activists were cited as making 11 percent of threats, while governments or state powers supposedly account for 5 percent of attacks.

When asked about the motivation behind an attack, respondents in the manufacturing and telecoms industries cited a ransom as the most popular reason, at 27 percent. According to the report, telecoms, financial services and IT are the top three industries most likely to suffer from a DDoS attack.

The respondents also revealed that 50 percent of the attacks lead to a noticeable disruption of service, while 24 percent of attacks result in services being completely unavailable. The report also shows that 74 percent of DDoS attacks that lead to a noticeable disruption of service coincided with a different type of security incident, such as a malware attack, network intrusion or other type of attack.

According to the report, 26 percent of the attacks lead to loss of sensitive data, while 31 percent of attacks resulted in the loss of non-sensitive business data. 47 percent of respondents said that their business’ public website became unresponsive during a DDoS attack, while customer portal or login area were affected in 38 percent of attacks. 37 percent of respondents cited issues with communications services during an attack.

Advertisement. Scroll to continue reading.

The research also revealed that 35 percent of respondents were affected by attacks that lasted for several hours and which were considered severe, while 7 percent said that the attacks lasted for several weeks. On average, enterprises admitted to losing $417,000 as a result of a DDoS attack, while small and medium businesses said their losses amounted to an average of $53,000.

The report reveals that while only 6 percent of businesses report data loss following an attack, the number of businesses that name such an experience as their most serious and damaging security incident has grown from 4 percent last year to 6 percent in 2015. Telecoms companies (24 percent) and financial services organizations (22 percent) are most targeted, while media and entertainment companies (11 percent), real estate businesses (10 percent), and professional services (9 percent) are least likely to be hit by such attacks.

“DDoS attacks are no longer just about cybercriminals seeking to halt a company’s operations. Businesses are becoming suspicious of each other and there is a real concern that many companies – including small and medium-sized ones – are being affected by the underhand tactics of their competitors, who are commissioning DDoS attacks directly against them, damaging their operations and reputation,” Evgeny Vigovsky, Head of Kaspersky DDoS Protection, said.

In November, Kaspersky revealed that almost half of the DDoS attacks seen during the third quarter of the year were powered by Linux machines, with the XOR DDoS botnet, which was used to launch 150+ gigabit-per-second (Gbps) DDoS attacks, being the most notable in the category.

The number of cybercriminal groups launching small DDoS attacks to threaten companies and extort them is expected to increase following the success of bad actors such as DD4BC and Armada Collective, Recorded Future said earlier this month.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...