New Research Reports Reveal Disturbing DDoS Statistics
By: Delia J. Smith
Distributed denial-of-service (DDoS) attacks are more powerful, harder to prevent and costlier to deal with than ever before.
And if you need any proof, take a look at two major, recently released research studies.
According to the 2017 Data Breach Investigations Report from Verizon, enterprises experienced 11,246 DDoS incidents last year. Virtually all (98%) of the attacks were aimed at large organizations. Most of the incidents lasted a couple of days or less — more than enough time to bring down a website and render important systems useless.
The May 2017 Worldwide DDoS Attacks and Cyber Insights Research Report from information services firm Neustar gets into more detail. Neustar and Harris Interactive conducted global, independent research of directors, managers, CISOs, CSOs, CTOs and other c-suite executives. Respondents came from various industries, including financial services, technology, healthcare, retail and energy. Annual revenues of about half of these enterprises ranged from $500 million to $1 billion.
Of the 1,010 organizations surveyed, 849 had experienced a DDoS attack within the past year; 86 percent of those companies had been hit more than once. Furthermore:
45 percent of DDoS attacks were more than 10 gigabits per second
15 percent of attacks were at least 50 Gbps
43 percent of organizations lost an average of $250,000 per hour
51 percent needed three hours or more to detect an attack
40 percent needed at least three hours to respond once an attack was discovered
What makes these numbers especially disturbing is that virtually all of the organizations surveyed (99 percent) were using some type of DDoS protection.
The Mirai Factor
Until recently, DDoS attacks rarely grabbed headlines the way cyber-espionage forays do. However, the Internet of Things (IoT) has changed all that. It’s empowered DDoS attackers in unimaginable ways. The best example is Mirai malware.
Mirai, the Japanese word for “the future,” infects IoT devices like cameras and servers, turning them into bots to be employed in DDoS attacks. Hackers can conduct large-scale DDoS attacks on services from hundreds or thousands of devices unattributable to the attacker.
Mirai botnets have done considerable damage since they were first discovered on Olympic websites last August. In September, they executed a record 620 Gbps attack on the cybersecurity blog KrebsOnSecurity, taking it offline. In October, the target was Internet infrastructure firm Dyn. That resulted in taking down many of the most-used web services, including Twitter, Reddit, Netflix and Spotify websites. Since then, other Mirai victims have included nearly a million Internet users in Germany and the entire country of Liberia.
“The Mirai botnet attacks were a wake-up call,” said Deborah Clark-McGinn, senior director or product marketing at Neustar. “What most organizations have in place is not enough, especially in the face of new and emerging attack methods. Most organizations have some sort of DDoS protection in place, yet 90 percent are investing more than they did a year ago, and 36 percent think they should be investing even more.”
Is your enterprise prepared? We can help. Our Dispersive™ Virtualized Network (DVN) will enable you to prosper from the benefits of IoT while minimizing the security risks IoT poses.
Find out how we or one of our carrier partners can improve your situation. Email us at firstname.lastname@example.org or call us at (844) 403-5852.
Critical Infrastructure On Edge: Colonial Pipeline Is Only the Latest Example of the Massive Risks Associated with Attacks
This past week Colonial Pipeline company, which operates a pipeline that carries gasoline, diesel fuel, and natural gas along a 5,500-mile path from Texas to New Jersey, was forced to take itself offline after being attacked by a criminal cyber gang. The pipeline, which carries 2.5 million barrels a day, nearly 50% of the East Coast supply of diesel, gasoline, and jet fuel, is still working to restore service and gain access to their systems after the malicious cyberattack, while its four mainlines remain offline.
Financial Services Companies Struggle With The Work from Home Digital Perimeter With Serious Cyber Attacks on the Rise
When pandemic lockdowns turned many jobs into work-from-home almost overnight, some industries experienced relatively seamless transitions; however, the banking industry was not one of them. These institutions were forced to pivot from traditional office environments, but the switch to remote working came with an abundance of challenges, the most serious being cybersecurity.
With physical retail re-opening, large retailers with hundreds or thousands of locations are rethinking their security strategies, especially when it comes to Point-of-Sale (POS) systems.
Retailers need reliable, resilient networks, as downtime leads to slow checkout lines and unhappy customers.