A DDoS Attack of Just 2Gbps Can Knock Most Websites Offline
Organizations hoping distributed denial of service (DDoS) attacks are no longer incidents du jour and are beginning to slow down can think again: there were more attacks in 2012 and they aren’t going away, according to Neustar.
A little over a third, or 35 percent, of organizations in the survey experienced some form of a disruptive DDoS attack in 2012, Neustar found in its second DDoS Survey, released Wednesday. Retailers and e-commerce businesses were among the top three industry sectors being targeted, accounting for 39 percent and 41 percent, respectively, of the attacks in 2012. Financial service organizations, many of whom battled waves of attacks last fall as part of Operation Ababil, were the most targeted, at 44 percent.
Back in February, Neustar surveyed 704 IT professionals in North America how their organizations managed DDoS attacks. When organizations are hit with distributed denial of service attack, organizations generally go into “crisis” mode, as everyone from the IT department to customer service does whatever is necessary to get past the threat.
“The consequences of being unprepared to mitigate a DDoS attack can be crippling to businesses, Alex Berry, a senior vice-president of enterprise services at Neustar, said in a statement.
Slightly more than a quarter of survey participants indicted that DDoS-related outages cost their organizations anywhere between $50,000-$100,000 an hour, or up to $2.4 million a day, the study found. About 74 percent of users projected outage costs of $10,000 per hour, or $240,000 a day.
The damage isn’t just revenue loss, however, but “about erosion in trust, brand value, and reputation,” Berry said. Nearly a third of the respondents said DDoS mitigation required time and related expenses of six or more employees.
While large attacks, such as those serious enough to raise the specter of a DDoS Armageddon, grab headlines, more than 70 percent of the attacks were less than 100 Mbps in network size or less than 100 Kpps in packets, Neustar found. Only two percent of the attacks in 2012 approached SpamHaus levels, with more than 20 Gbps of malicious traffic targeting the network.
While about 63 percent of the attacks lasted less than a day, the remainder of the attacks lasted more than 24 hours, with 17 percent going between one and two days. More organizations are seeing attacks that last more than a week, according to the survey.
“A well-crafted, multi-vector attack of just 2Gbps can bring most Websites to their knees,” Neustar said.
While companies are increasingly investigating DDoS protection, they aren’t investing in the right solutions or doing it fast enough. Only 8 percent of IT administrators in Neustar’s survey admitted to not having some kind of protection in place, a dramatic difference from 25 percent reporting no protection last year.
About two-third of the companies use firewalls, routers, and switches to manage DDoS Attacks, the survey found. In fact, Neustar found a 10 percent increase year-over-year in organizations using firewalls, switches, and routers for DDoS defenses. These networking products are not intended to filter out and block an overwhelming volume of malicious traffic, and wind up creating bottlenecks which help the attacks succeed, Neustar said.
“Few have invested in purpose-built hardware or third party expertise,” Neustar said.
Neustar’s numbers are in line with Akamai’s State of the Internet report released yesterday. Akamai said its customers saw a three-fold increase in DDoS attacks over the fourth quarter of 2012. Akamai said commerce customers, media and entertainment companies and enterprises were among the top three industry sectors being targeted, according to Akamai.
Related Reading: Cyberattack Capable of Downing Entire Internet Is Unlikely
Related Reading: China, DDoS Attacks Were Biggest Security Threats In Q4 2012
