Cyber ââattacks against Internet-connected resources have increased over the past 12 months, with Distributed Denial of Service (DDoS) being one of the most prominent. DDoS has the power to shut down an organization’s internet connectivity and act as a smokescreen for more malicious attacks such as ransomware. Yet understanding the financial impact can be difficult to calculate.
DDoS attacks have been around for over three decades. Broadly speaking, this is a class of cyber attack that uses multiple compromised systems to send bad traffic to the internet in order to overwhelm the resources of a targeted application, service or platform. . As a result, the victim of a DDoS attack may experience degraded services or even a complete failure – and the impact may extend beyond a single target if that victim is, in turn, a provider for d ‘others.
Consider the most recent example of a DDoS attack against Voipfone, a popular provider of VoIP and broadband internet in the UK. It was plagued by a DDoS attack that caused a âmajor downtimeâ for two days in early September. The ISP issued a statement saying it suffered a “planned and organized DDoS attack” that targeted Voipfone and similar organizations in the UK. In addition, he had also received a large ransom demand from what he described as a “Russia-based criminal hacking organization called REvil”.
However, understanding the impact on costs goes beyond paying a ransom. The factors strongly depend on the nature of the victim’s activity, the level of disturbance and the duration. At one extreme, think of popular or high traffic websites such as ecommerce, gaming, and web hosting, which can lose hundreds of thousands of pounds for every minute of downtime. According to by Corero white paper, The need for permanent protection against DDoS attacks, the average cost of a DDoS attack in the United States is around $ 218,000 not including ransomware costs.
Remediation and compensation are also a factor. For some organizations, such as web hosting providers, an outage can affect thousands of customers, resulting in high offset costs, especially when there is a service level agreement (SLA) with contractual obligations and penalties. . These direct costs could be insignificant compared to the reputational damage, especially if the attack is used as a diversion for a data breach in which the intellectual property or personal data of customers is stolen or compromised.
Considering the potential cost of a DDoS attack has become more urgent as the risks have increased, especially during a pandemic that has also seen a change in the behavior of DDoS attacks. Data from Corero DDoS Threat Intelligence Report 2020 showed a 70% growth in attacks above 10 Gbps and a significant increase in high packet rate attacks. The analysis suggests that this is due, at least in part, to the growing shift to 100Gbps internet connectivity, a trend that is driving the need for larger daily DDoS attacks. In addition, the frequency of repeat attacks has also increased significantly, with a 68% increase in the number of organizations experiencing a second attack in a week.
To counter this threat, the priority is precise, automatic and rapid protection. DDoS attacks that can now evade legacy mitigation mechanisms – especially short, undersaturated multi-vector attacks – can potentially wreak havoc. At the same time, IT teams are struggling to identify the cause. Therefore, it is essential to use a solution that can monitor network traffic, in real time, for both small-scale and high-volume attacks.
After identifying DDoS attack traffic, it is imperative to block it quickly and accurately. DDoS attack mitigation relies on security professionals who analyze traffic and perform relevant policy updates or switch attack traffic through a cloud protection service. Yet it cannot react quickly enough to prevent attacks from impacting the business. Based on these criteria, it is essential to consider the benefits of permanent activation to reduce mitigation time, from tens of minutes of existing solutions to the seconds needed to defeat modern attacks.
Along with these priorities, IT teams need to gain some understanding of the DDoS attacks they are targeting. There are many types of attack vectors used for DDoS attacks, and each has a different profile. Therefore, recruiting staff with such skills is increasingly difficult, so consider familiarizing at least a few staff with DDoS best practices. The simplest approach is to use a DDoS provider that offers SOC services and can work with IT staff to help communicate to the business what happened during an attack and how defenses did there. face. The cost of DDoS attacks is increasing, and only active defense will be able to counter their potentially crippling impact.