Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

North American Companies Better Prepared for DDoS Attacks: Report

North American organizations are well aware of the threat posed by distributed denial-of-service (DDoS) attacks and over half of them are investing more in protection compared to last year, according to a report published this week by real-time information services and analytics provider Neustar.

North American organizations are well aware of the threat posed by distributed denial-of-service (DDoS) attacks and over half of them are investing more in protection compared to last year, according to a report published this week by real-time information services and analytics provider Neustar.

The 2015 North America DDoS Attacks & Impact Report, which is based on information provided by more than 500 executives and senior professionals, shows that 40 percent of organizations see DDoS attacks as a growing threat. Nearly one third of respondents said they would lose over $100,000 in revenue per hour if hit during peak business hours.

Most of the companies that took part in the study still rely on traditional firewall solutions to fend off DDoS attacks, but hybrid protection, which involves both on-site hardware and cloud-based services, is also an increasingly popular choice. Neustart says a hybrid approach is used by 31 percent of all companies, and 94 percent of the firms that risk to lose more than $100,000 per hour.

Financial organizations, which are often a target for malicious actors, said their response time to DDoS attacks has decreased thanks to hybrid protection, with 72 percent of companies stating that they respond to attacks in less than 2 hours. Overall, 49 percent of respondents said they detect attacks and 54 percent said they respond to attacks in less than one hour.

“The increased hybrid adoption reflects the growing need for companies to have immediate, on premise DDoS defense capabilities, in addition to surge defense capabilities in response to larger attacks,” said Margee Abrams,director of security services at Neustar. “Companies continue to rely on layered traditional perimeter defenses including firewalls, routers and switches as well as DDoS mitigation services. But when revenues and brand reputation are at risk, deploying a hybrid solution offers the best of both worlds: immediate on premise protection with the capacity that only cloud providers can offer.”

As for the frequency of attacks, 15 percent of respondents said they were hit only once in 2014, but 9 percent of them were targeted so many times that they lost count. The longest attacks lasted for more than one day, 31 percent of companies reported.

The Neustar study shows that nearly 40% of North American organizations use more than 10 staffers to mitigate DDoS attacks. Experts have pointed out that this is beneficial for the attackers because there are fewer employees left to monitor other activities for which the DDoS might be just a smokescreen.

Organizations noted that DDoS-related data breaches have resulted in damage to the brand, malware and virus installation, customer data theft, financial theft, and loss of intellectual property. The areas most impacted by DDoS attacks are customer support, customer trust, and online marketing, the report shows.

The complete Neustar 2015 North America DDoS Attacks & Impact Report is available online.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.