Over a quarter of businesses that have been hit by a Distributed Denial of Service (DDoS) attack don’t think they were the intended target, according to an IT security product firm. That suggests, says Kaspersky Lab, that businesses can’t afford to be complacent. According to the company’s research, 27 per cent of respondents said being an innocent bystander was the most likely reason for DDoS attacks on them, suggesting that all businesses are in the firing line, even when they are not on the hit list.
The continued threat of DDoS attacks and the value that they bring to those that deploy them – halting company operations, accessing confidential information or demanding a ransom – means that all businesses are potential targets, Kaspersky Lab suggests. Despite this, it says organisations are still showing signs of cyber-complacency, with 28 per cent not using specialised anti-DDoS protection because they believe they are unlikely to be targeted by DDoS attacks.
Of the companies that experienced a security incident within the last 12 months, 44 per cent blamed a DDoS attack as being a contributing factor to that incident – up from a quarter (25 per cent) in 2016. This shows the impact of these types of attacks in today’s workplace and the need for organisations to proactively defend themselves against them. Nearly a quarter (23 per cent) of businesses believe a competitor was behind a DDoS attack on them – most likely for espionage or disruption purposes; 24 per cent believed it was used as a distraction tactic to hide another attack from IT staff, and 24 per cent believe that a DDoS attack was designed to specifically disrupt their operations.
David Emm, Principal Security Researcher at Kaspersky Lab, said: “Businesses can’t afford to display an ‘it won’t happen to me mentality’ towards DDoS attacks, but a worryingly large proportion of organisations are still doing so – despite today’s heightened threat landscape. Given the number of attacks that companies have faced over the last year, businesses must take responsibility for their cybersecurity – no organisation is safe from DDoS attacks. There is no room for complacency when it comes to keeping operations running smoothly and critical data protected.”
