New research from two security companies shows that DDoS attacks are a lot more serious than previously thought. The nuisance attacks are doing more than shutting down websites, shutting out customers, and giving IT staff the unwanted task of fixing the problems. They are now being used for malware downloads and resulting in data loss.
Kaspersky Lab reported that companies have a one in five chance of being the victim of a DDoS attack. Worse, nearly one out of every three DDoS attacks coincided with a network intrusion, leading 31 percent of small business and 22 percent of larger businesses to suffer data loss. In fact, of the 5,500 respondents to its survey, 32 percent said that the DDoS attack happened in conjunction with a network intrusion.
In a release, Evgeny Vigovsky, head of Kaspersky DDoS Protection, stated:
Businesses have to re-evaluate their perception of a DDoS attack. The report clearly shows that the damage scope from such attacks goes far beyond the temporary downtime of a corporate website. . . . Still, many businesses feel that a mitigation strategy is too complex and expensive to implement.
Perhaps businesses won’t feel that coming up with a DDoS security strategy is so cumbersome when they take a look at the costs. As Info Security Magazine pointed out:
On average, a DDoS attack costs SMBs more than $50,000 in recovery bills, which is significantly more than the typical costs they face recovering from other types of attack. Enterprises spend a lot to recover from a third-party failure or cyber-espionage attack, but a typical financial loss for enterprises from a DDoS attack is $417,000.
If businesses need another reason to bump up the security efforts against DDoS attacks, research from Neustar may provide it. Small DDoS attacks may be leaving malware in their wake, and this results in the data loss that the Kaspersky Lab study is talking about. As a Computer Weekly article explained:
According to the survey, around 40% of DDoS attacks on European firms are relatively small, at less than 20Gbps, while only 2% of attacks reported were greater than 100Gbps and 18% were between 10Gbps and 20Gbps.
At the same time, more than a third of companies discovered malware installed on their systems in the wake of a DDoS attack and 25% found that data or funds had been stolen, with the retail and financial services sectors being worst hit.
Clearly, the days of seeing a DDoS attack as an inconvenience or a minor security problem are long gone. As Neustar Product Marketing Director Margee Abrams was quoted by Computer Weekly:
These longer attacks are providing a bigger window of opportunity to install malware and steal data. At the same time, longer attacks are causing a sustained threat to businesses’ profitability and brand reputation.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba