Security Experts:

Report Analyzes Concerns, Business Impact of DDoS Attacks

Neustar Reports Shows DDoS Attacks Can Cost Retailers More Than $100k Per-hour

According to NeuStar, a provider of information, infrastructure and security solutions, the effects a DDoS attack can be devastating to an organization's brand and operations. A majority (three-quarters) of the IT professionals that spoke with NeuStar for a study on the issue said that they fear negative brand impact or customer experiences because of such an attack.

DDoS Attack Trends by IndustryDDoS attacks are all the rage it seems. Criminals are using them, activists use them, and security vendors are using them as leverage to help ensure sales metrics are met. The reality of DDoS attacks has reached a point to where business leaders are asking questions. One question that surely comes up is impact.

Speaking to 1,000 IT professionals, from a wide range of industries (banking, retail, telecom, etc.), NeuStar asked about their perceptions on the overall business impact of a DDoS attack.

As it turns out, some of them had first hand experience with the topic, as 300 of them had previously watched as their network was hit by a DDoS. Of those who were previously attacked, 35% said that the attack was over within 24-hours or less, while 11% said the attack lasted more than a week.

The top concern was the impact a DDoS would have on customer service. When it comes to security, it’s easy to tell Company A to do X, Y, and Z. However, security pundits often forget the human aspect to business. Organizations are beholden to the customer first, and technology second.

When a DDoS takes a business offline, if the website is critical to the company, the customers will be irate to say the least. This will likely result in a flood of support calls, which could overwhelm the company, or force them into a position where the quality of customer care suffers, something no business wants to have happen.

What about the cost of a DDoS attack? Consider that there is the cost associated with IT, such as mitigation and staff payroll. However, there is also the cost in overhead associated with marketing, sales, and support. Those staffers may have to work extra hours to compensate for the loss of the website.

In fact, in retail, 67% of those who spoke with NeuStar said that a DDoS attack would cost them more than $100,000 per-hour. Those representing the financial industry pegged their costs at more than $10,000 per-hour.

With that said, NeuStar discovered that 25% of those they talked with had nothing in place to deal with a DDoS attack, while the majority relied on networking equipment to tackle the problem. Only 3% of the professionals who spoke to NeuStar said that they have DDoS mitigation hardware onsite. A copy of the report is available here as a PDF download.

Related Reading: Creating a DDoS Attack Action Plan

Related Reading: DDoS Attacks - Size Doesn’t Matter, Says Radware

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.