Hit By DDoS? You Will Be Hit Again…

More than 80% of DDoS victims are attacked a second time.

More than half of all DDoS strikes have resulted in some kind of customer data loss, intellectual property theft or disappearance of money, according to a new report from Neustara marketing, IT and security services, data services and domain registry company.

It’ll happen again, too. The IT firm also discovered that the vast majority of organizations (82 percent) are attacked again after the first DDoS onslaught.

“DDoS attacks continue to pose a legitimate threat as a dangerous weapon used to create chaos and hold organizations hostage,” Neustar says in the report. Not many are “spared,” the security outfit says, and almost half of those blitzed once were thrashed six or more times.

Company responses to DDoS attacks

DDoS attacks are “an institutionalized weapon of cyber warfare,” says Rodney Joffe, head of IT security research at Neustar, in a press release. “The reverberations are felt like a domino effect throughout all departments.”

The consequences appear to be an overall increase in investment in DDoS protection, though. “Participating in security consortiums to share information on threats and counter measures” is also becoming popular, the release says.

About three quarters (76 percent) of the battered companies increased spend on protection in 2015. Half (47 percent) joined in with others to share information.

Sharing information is critical

Interestingly, another recent report complains of private-sector cybersecurity folks not sharing enough. Fedscoop writes about McAfee’s March 2016 study of 500 business professionals who said they “were aware of cyber-threat sharing initiatives” but weren’t convinced they wanted to reciprocate—even though they would be happy to receive such information.

“Ninety-one percent said they would be interested in receiving information relevant to their industry. Only 63 percent said they would be likely to reciprocate by sharing their own intelligence,” Fedscoop says of the McAfee study.

Sharing is important to get a picture of who the attackers are, what they are assailing and how they’re doing it. A “lack of understanding” and corporate policy issues are “barriers to sharing,” Fedscoop explains.

The increase in DDoS protection spending uncovered by Neustar wasn’t across the board.

Thirty-seven percent of the companies surveyed say they’re investing more than a year ago, and that it’s “in proportion to the threat of DDoS attacks.” Another 39 percent say they are investing but think they should invest even more.

Sixteen percent aren’t investing more, though. A further 5 percent not only aren’t investing more, but they say DDoS isn’t a high priority. Only 3 percent have no specific anti-DDoS budget.

Neustar surveyed 1,005 executives across the tech, financial services and government sectors in late 2015. Seventy-nine percent of the organizations “report yearly revenues of more than $100 million, with $1 billion or more in annual revenue,” it says.

The loss numbers are big, too. Half of the organizations “would lose at least $100,000 per hour in a peak-time DDoS-related outage, [and] 33 percent would lose more than $250,000 per hour.”

And almost half (42 percent) “needed at least three hours to detect that they were under DDoS attack,” Neustar says.

Ein News

 

« Tracking Islamic State Impeded By Encryption
IS Forms Mega Hacking Group »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

Axial

Axial

Axial Systems is one of the UK’s leading solution providers and systems integrators in network, security and services.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Protocol Policy Systems

Protocol Policy Systems

Protocol Policy Systems specialise in IT policy deployment and management systems that deliver compliance and secure computing environments.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

Digital Innovation Hub Slovenia (DIH)

Digital Innovation Hub Slovenia (DIH)

DIH Slovenia is a central hub providing services to grow digital competencies in areas including robotics, IoT, cyberphysical systems and cybersecurity.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija is the national accreditation body for Slovenia. The directory of members provides details of organisations offering certification services for ISO 27001.

Adlumin

Adlumin

Adlumin Inc. provides the enterprise-grade security operations platform and managed detection and response services that keep mid-market organizations secure.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity.

DNX Ventures

DNX Ventures

Based in Silicon Valley and Tokyo, DNX Ventures is an early stage VC for B2B startups in sectors including Cybersecurity.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

Hub71

Hub71

Hub71 is a world-class tech ecosystem opening doors to global opportunities from an optimal business environment for entrepreneurial-minded innovators.

Cyber Legion

Cyber Legion

Cyber Legion Ltd is a UK-based Cyber Security as a Service (CSaaS) start-up that provides IT security testing services to various organizations around the globe.

Harbor Networks

Harbor Networks

Harbor Networks is a communications systems integrator and managed services provider. We provide business consultation services for voice and data communication technology.