What is the most damaging consequence of DDoS attacks to businesses? Losing the trust and confidence of your customers, according to nearly half of IT security people in Corero Network Security’s second annual DDoS Impact Survey. The polled was of attenders of the recent 2016 RSA Conference about DDoS issues and trends that Internet service providers and businesses face.
Dave Larson, COO at Corero Network Security said: “Network or website service availability is crucial to ensure customer trust and satisfaction, and vital to acquire new customers in a highly competitive market. When an end user is denied access to Internet-facing applications or if latency issues obstruct the user experience, it immediately impacts the bottom line.”
Nearly half (45 percent) of the IT security people who responded said loss of customer trust and confidence were the most damaging consequences of DDoS attacks for their businesses, while 34 per cent said lost revenues were the worst effect. DDoS attacks get the most attention when a firewall fails, service outage occurs, a website goes down or customers complain, but Larson warns that companies should be concerned about DDoS attacks even when the attacks are not large-scale, volumetric attacks that saturate a company’s network and associated server infrastructure. Approximately one third (32 per cent) of survey respondents indicated that DDoS attacks on their network occur weekly or even daily. “That is a troubling, yet not surprising, statistic because DDoS attacks are incredibly inexpensive to create, and relatively easy to deploy. Industry research, as well as our own detection technology, shows that cyber criminals are increasingly launching low-level, small DDoS attacks.”
The problem with such attacks is two-fold, the IT security product firm suggests: small, short-duration DDoS attacks still negatively impact network performance, and—more importantly, such attacks often act as a smokescreen for more malicious attacks. “While the network security defenses are degraded, logging tools are overwhelmed and IT teams are distracted, the hackers may be exploiting other vulnerabilities and infecting the environment with various forms of malware.” Larson noted that small DDoS attacks often escape the radar of traditional scrubbing solutions. Many organisations have no systems in place to monitor DDoS traffic, so they are not even aware that their networks are being attacked regularly.
The survey also asked participants about their current methods of handling the DDoS threat; nearly one third (30 per cent) of respondents rely on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. “Those companies are very vulnerable to DDoS attacks because it’s well-documented that traditional security infrastructure products aren’t sufficient to mitigate DDoS attacks,” said Larson.
Three in ten, 30 per cent of respondents rely on their upstream service providers to eliminate the attacks, yet most (85 per cent) of respondents indicated they believe upstream Internet Service Providers (ISPs) should offer additional security services to their subscribers to remove DDoS attack traffic completely. Half, 51 per cent responded that they would be willing to pay their ISPs for a premium service that removes DDoS attack traffic before it is delivered to them, and 35 per cent indicated they would allocate 5-10 per cent of their ISP spend to subscribe to this type of service. Larson said: “Clearly the majority of organizations need and are willing to pay for a service that protects them from DDoS attacks.”
About the study
It polled technology decision makers, network operators and security people attending the recent 2016 RSA Conference about key DDoS issues and trends that Internet service providers and businesses face in 2016. It received over 75 responses.
