Distributed denial of service (DDoS) attacks cause far-ranging damage, but research suggests that they also open the door to secondary attacks. About a third of DDoS hits are accompanied by network breaches.
According to respondents in a survey by Kaspersky Lab, 32% of serious DDoS attacks coincided with a network intrusion. Although it is hard to trace two different attacks to a single source, survey results provide evidence that DDoS attacks may lead to additional damage, including loss or theft of sensitive data.
Small businesses were most likely to lose data as a result of a DDoS attack—31% of SMBs reported data loss, compared with 22% of enterprises.
“Businesses have to re-evaluate their perception of a DDoS attack,” said Evgeny Vigovsky, head of Kaspersky DDoS protection at Kaspersky Lab. “The report clearly shows that the damage scope from such attacks goes far beyond the temporary downtime of a corporate website. Companies report total disruption to their operations, and in some cases—loss of sensitive data.”
Even without a breach, the DDoS stats are sobering: Businesses have a one in five chance of being hit, and can expect several hours of downtime. Most DDoS attacks last several hours and can cause complete disruption to a service. However, some attacks are even more damaging: 9% of those causing a service to go dark last from two days to a week and in 7% of cases such an attack lasted for several weeks or more. Unfortunately, the damage is not limited to downtime.
While 20% of businesses with 50 or more employees have suffered at least one DDoS attack, with enterprises being the most affected (24%), the small and medium-sized business (SMB) segment should be particularly wary. The report shows that DDoS is the fourth most expensive type of security breach faced by SMBs.
On average, a DDoS attack costs SMBs more than $50,000 in recovery bills, which is significantly more than the typical costs they face recovering from other types of attack. Enterprises spend a lot to recover from a third-party failure or cyber-espionage attack, but a typical financial loss for enterprises from a DDoS attack is $417,000, below average compared to recovery from other types of attacks.
“Still, many businesses feel that a mitigation strategy is too complex and expensive to implement,” Vigovsky said. “The solution to this is straightforward: vendors have to take technical challenges upon themselves, offering an easy to implement and use solution to clients.”
SMBs struggle to implement efficient measures to mitigate the threat of DDoS attacks, often due to limited resources. DDoS is an umbrella term for different attack technologies, and methods to avert them may be hard to understand and expensive to deploy.
Overall, while analyzing attitudes about DDoS attacks, roughly half of businesses surveyed think that additional investment on DDoS prevention technologies is worth the investment.